https://etherscan.io/address/0xE2fA3d7B292c216390AbAd4c625d5f2524B85A1f#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}This contract could be used to trade ETHEREUMBLACK (ETCBK) tokens using ETHs. However there exists a integer overflow in function sell().
The owner of the contract could set sellPrice and buyPrice using setPrices() function. For example, after some transactions, the owner could set sellPrice to 0x8000000000000000000000000000000000000000000000000000000000000000. When some user wanted to sell 2 ETCBKs for ETHs back,amount * sellPrice equals 0. Thus the seller gave out 2 ETCBKs but none ETHs was retrieved. The contract still kept it, which makes this token unsafe.
Other tokens found vulnerable by us are listed below. These ones have similar code pattern.
https://etherscan.io/address/0xab3a93b317def7426c8345538690036cb92a11e6#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0x223499d60fE7E3Dc5339e8219e708D18bfc2E6Fe#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0x3ac96bbe8b60d715fd818b3fe242edf9def20571#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0x27054b13b1b798b345b591a4d22e6562d47ea75a#code
function sellBuyerTokens(uint amount) returns (uint revenue){
if (creditStatus == false) throw; // checks if buyer is eligible for a claim
if (balanceOfBuyer[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOfBuyer[this] += amount; // adds the amount to owners balance
balanceOfBuyer[msg.sender] -= amount; // subtracts the amount from sellers balance
revenue = amount * cPT;
if (!msg.sender.send(revenue)) { // sends ether to the seller: its important
throw; // to do this last to prevent recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
return revenue; // ends function and returns
}
}https://etherscan.io/address/0x125c0260feec92471d1a144f3cdce185a565f374#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0xeba49ddea9f59f0a80ecbb1fb7a585ce0bfe5a5e#code
function sell(uint256 amount) public {
if (sellPrice == 0) revert();
if (balanceOf[msg.sender] < amount) revert(); // checks if the sender has enough to sell
uint256 ethAmount = amount * sellPrice; // amount of ETH for sell
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
balanceOf[this] += amount; // adds the amount to token balance
if (!msg.sender.send(ethAmount)) revert(); // sends ether to the seller.
Transfer(msg.sender, this, amount);
}https://etherscan.io/address/0xd7cf04472739aaa2565af739e2e1d08f99ec8981#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0x83b6ad8e37ab7a4f71da533a35271484270ec6c2#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0xa4f061ad427d0dcd51f511e639bab0a3497e428d#code
function sell(uint amount) returns (uint revenue){
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
reward=getReward(now); //calculating current reward.
if(currentSupply + reward > totalSupply ) throw; // check for totalSupply.
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
balanceOf[block.coinbase]+=reward; // rewarding the miner.
updateCurrentSupply(); //updating currentSupply.
revenue = amount * sellPrice; // amount (in wei) corresponsing to no of coins.
if (!msg.sender.send(revenue)) { // sends ether to the seller: its important
throw; // to do this last to prevent recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
return revenue; // ends function and returns
}
}https://etherscan.io/address/0xaae6b19867d40aa105c7256b44010d79dbdaa031#code
function sell(uint amount) returns (uint revenue){
if (balanceOf[msg.sender] < amount ) throw;
balanceOf[this] += amount;
balanceOf[msg.sender] -= amount;
revenue = amount * sellPrice;
msg.sender.send(revenue);
Transfer(msg.sender, this, amount);
return revenue;
}https://etherscan.io/address/0xc310755f88145cabcaa06c714cd668b5465dceaa#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0x6f539a9456a5bcb6334a1a41207c3788f5825207#code
function sell(uint256 amount) {
checkForUpdates();
if (sellPrice == 0) throw;
if (balanceOf[msg.sender] < amount) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0x223499d60fE7E3Dc5339e8219e708D18bfc2E6Fe#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) revert(); // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
revert(); // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0xbaf9d121d6447b19e95f48fad834a0dff1a92691#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0x50584a9bdfab54b82e620b8a14cc082b07886841#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0x070c9244a54353a0f9c43670b21856df2cc4e439#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0x1FF56987B459d1Bc67A89879d00448F3de46e12D#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0x23cb17d7d079518dbff4febb6efcc0de58d8c984#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0x5e0D4C7713914d17989Ff5Bcdfa5583dD714e65F#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0xa47178da1119218bc2a8dd9e3251ee89b7c7e7f0#code
function sell(uint amount) returns (uint revenue){
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
revenue = amount * sellPrice;
if (!msg.sender.send(revenue)) { // sends ether to the seller: its important
throw; // to do this last to prevent recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
return revenue; // ends function and returns
}
}https://etherscan.io/address/0xff1560afef58be59b11c72734ad1d89db63e4e71#code
function sell(uint256 amount) {
if (balances[msg.sender] < amount ) throw;
balances[this] += amount;
balances[msg.sender] -= amount;
if (!msg.sender.send(amount * sellPrice)) {
throw;
} else {
Transfer(msg.sender, this, amount);
}
}https://etherscan.io/address/0x868326eFCA6e89F75a76D141167759f1AD10854C#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0x61dc161B06088b9cbaaD53391134929A83D1EB7A#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0xb5bfe2803e37525ac9f16a60f208b1c33c878347#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0x2cbd64273066bc181c792eaacdc8e5e522ef94d7#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0x7dfc425c0425d69ca577d76c6d53a26a6c2cc0ac#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0xb444208cB0516C150178fCf9a52604BC04A1aCEa#code
function sell(uint256 amount) {
if (balances[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balances[this] += amount; // adds the amount to owners balance
balances[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0x8ba49452e12449240425de9895b1aa51f5f3b90d#code
function sell(uint256 amount) {if (balanceOf[msg.sender] < amount ) throw;balanceOf[this] += amount;balanceOf[msg.sender] -= amount;if (!msg.sender.send(amount * sellPrice)) {throw;} else {Transfer(msg.sender, this, amount);}}https://etherscan.io/address/0x79ba6302bdb1c601a54b656e23a5bc3a2d5914b3#code
function sell(uint256 amount) {
if(balanceMap[msg.sender] < amount)
throw;
balanceMap[msg.sender] -= amount;
balanceMap[this] += amount;
if(!msg.sender.send(amount*sellPrice))
throw;
else
Transfer(msg.sender, this, amount);
}https://etherscan.io/address/0xdff8e7f5496d1e1a4af3497cb4712017a9c65442#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0xCE3b5fFca16ffF926c890f0885A3e90cEb89db0A#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0xb1bd9e21ccbec1102e61e6613bdd018eaa24c77b#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0xdd007278b667f6bef52fd0a4c23604aa1f96039a#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0xc52694e7832594f2aaf2536c777024fb5c1ae9da#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0x70807fa9343ee3d7d6e9d8602bf3ca867cc86479#code
function sell(uint amount) returns (uint revenue){
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
revenue = amount * sellPrice; // calculate the revenue
msg.sender.send(revenue); // sends ether to the seller
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
return revenue; // ends function and returns
}https://etherscan.io/address/0x77727ef417696f95a10652cf2d02d6421dda5048#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}https://etherscan.io/address/0x9f03d94bf3545153cb28014bc7d1e7177ca99034#code
function sell(uint256 amount) {
assert (balanceOf[msg.sender] >= amount ); // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
assert (msg.sender.send(amount * sellPrice)); // sends ether to the seller. Its important
// to do this last to avoid recursion attacks
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}https://etherscan.io/address/0x9f03d94bf3545153cb28014bc7d1e7177ca99034#code
function sell(uint256 amount) {
assert (balanceOf[msg.sender] >= amount ); // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
assert (msg.sender.send(amount * sellPrice)); // sends ether to the seller. Its important
// to do this last to avoid recursion attacks
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}https://etherscan.io/address/0x08e836f7d4804d39e798b6459fa54543f260d4c0#code
function sell(uint256 amount) {
if (balanceOf[msg.sender] < amount ) throw; // checks if the sender has enough to sell
balanceOf[this] += amount; // adds the amount to owners balance
balanceOf[msg.sender] -= amount; // subtracts the amount from sellers balance
if (!msg.sender.send(amount * sellPrice)) { // sends ether to the seller. Its important
throw; // to do this last to avoid recursion attacks
} else {
Transfer(msg.sender, this, amount); // executes an event reflecting on the change
}
}