The sendValue
function in the MockDelegateTarget
contract is vulnerable to reentrancy attacks and lacks proper error handling.
This vulnerability occurs when an external contract, called by the sendValue
function, makes a recursive call back into the sendValue
function before the initial execution completes. This can lead to unintended behaviors, such as the depletion of the contract's funds.
The function uses a low-level call
to transfer ether to the target address without implementing any reentrancy protection mechanisms.
If the target address is a contract with a fallback function, it can invoke the sendValue
function (or another function within the same contract) before the initial call concludes.
The function uses call
to send ether to the target
address without any form of reentrancy protection. If the target
address is a contract with a fallback function, it can call back into the sendValue
function (or another function in the same contract) before the initial call completes.
The call
function returns a boolean value indicating whether the call was successful. However, the current implementation does not check this return value. This means the contract has no way of knowing if the ether transfer failed.
Test for 'sendValue' function
The function uses a low-level call
to transfer ether to the target address without implementing any reentrancy protection mechanisms.
If the target address is a contract with a fallback function, it can invoke the sendValue
function (or another function within the same contract) before the initial call concludes. This can lead to unintended behaviors, such as the depletion of the contract's funds.
Manual Review
We need to ensure all checks (e.g., balance verification) and state changes (e.g., updating balances) are performed before interacting with external contracts.
This code adheres to best practices by completing all necessary checks and state changes before any external contract interactions occur.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.