Skip to content
This repository has been archived by the owner on May 26, 2023. It is now read-only.

Latest commit

 

History

History
36 lines (22 loc) · 1.58 KB

148.md

File metadata and controls

36 lines (22 loc) · 1.58 KB
Raw

ak1

medium

Use of transfer function to send fund may not work and fund can stuck

Summary

In BufferBinaryOptions.sol and BufferBinaryPool.sol contracts, transfer function is used. Usage of this function is not recommended since it will fail when gas cost increased.

Vulnerability Detail

In BufferBinaryOptions.sol and BufferBinaryPool.sol contracts, transfer function is used. Usage of this function is not recommended since it will fail when gas cost increased.

Line Line Line

Impact

Transaction will fail and fund will stuck if gas cost of transaction is increased.

Code Snippet

Line Line Line

Tool used

Manual Review

Recommendation

Use call() instead of transfer(), but be sure to respect the CEI pattern and/or add re-entrancy guards, as several hacks already happened in the past due to this recommendation not being fully understood.

More info on; https://swcregistry.io/docs/SWC-134