Merged
13 changes: 13 additions & 0 deletions audit_engine/smart_contracts/reentrancy/40753.sol
@@ -0,0 +1,13 @@

contract dumbDAO {

Comment on lines +1 to +3
⚠️ Potential issue

Add SPDX and pragma.

+// SPDX-License-Identifier: MIT
+pragma solidity 0.4.26;
 
 contract dumbDAO {
🤖 Prompt for AI Agents
In audit_engine/smart_contracts/reentrancy/40753.sol around lines 1 to 3, the
file is missing the SPDX license identifier and Solidity pragma directive; add
an SPDX comment (e.g. // SPDX-License-Identifier: MIT) as the first line and
then add a suitable pragma solidity line (e.g. pragma solidity ^0.8.0;)
immediately after it to specify the compiler version range supported.

mapping (address => uint) public balances;

function withdraw(address _recipient) returns (bool) {
if (balances[msg.sender] == 0){ throw; }
if (_recipient.call.value(balances[msg.sender])()) {
balances[msg.sender] = 0;
return true;
}
}
}
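Review bot: in `withdraw`, when `_recipient.call.value(balances[msg.sender])()` returns false the function falls off the end without a `return`, so it silently yields the default `false` with the balance intact; if that is intended, say so in a comment, and add an intent marker like the `// VULNERABILITY: reentrancy (external call before state update)` line proposed for 40755.sol, since zeroing `balances[msg.sender]` only after the call is the defect this sample exists to exercise and the engine's ground truth should be explicit in the file.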
14 changes: 14 additions & 0 deletions audit_engine/smart_contracts/reentrancy/40754.sol
@@ -0,0 +1,14 @@

contract EtherStore {

uint256 public withdrawalLimit = 1 ether;
mapping(address => uint256) public balances;

function withdrawFunds (uint256 _weiToWithdraw) public {
require(balances[msg.sender] >= _weiToWithdraw);
require(_weiToWithdraw <= withdrawalLimit);
require(msg.sender.call.value(_weiToWithdraw)());
balances[msg.sender] -= _weiToWithdraw;
}
}
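Review bot: `balances[msg.sender] -= _weiToWithdraw;` runs only after the external call succeeds, and nothing pins the compiler, so the `.call.value(...)()` syntax does not build on current compilers while under 0.4.x the subtraction has no underflow protection; add the SPDX line and `pragma solidity 0.4.26;` suggested for the sibling files, and document that both the call-before-update ordering and the unprotected subtraction are intended properties of this sample.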

11 changes: 11 additions & 0 deletions audit_engine/smart_contracts/reentrancy/40755.sol
@@ -0,0 +1,11 @@

contract Reentrance {

Comment on lines +1 to +3
⚠️ Potential issue

Add SPDX and pragma.

+// SPDX-License-Identifier: MIT
+pragma solidity 0.4.26;
 
 contract Reentrance {
🤖 Prompt for AI Agents
In audit_engine/smart_contracts/reentrancy/40755.sol around lines 1 to 3, the
file is missing an SPDX license identifier and a pragma solidity directive; add
a top-of-file SPDX comment (e.g., SPDX-License-Identifier: MIT) on line 1 and a
pragma solidity version statement (e.g., pragma solidity ^0.8.0;) on line 2 to
declare the license and compiler version compatibility before the contract
declaration.

mapping (address => uint) userBalance;

function withdrawBalance_fixed(){
uint amount = userBalance[msg.sender];
if(!(msg.sender.call.value(amount)())){ throw; }
userBalance[msg.sender] = 0;
}
Comment on lines +6 to +10
🛠️ Refactor suggestion

🧩 Analysis chain

Function name is misleading; it’s still vulnerable.

Rename to avoid confusion or fix the logic. Given that the PR goal is “vulnerable samples,” prefer a rename plus an intent comment.

-    function withdrawBalance_fixed(){
+    // VULNERABILITY: reentrancy (external call before state update)
+    function withdrawBalance_vulnerable() public {
         uint amount = userBalance[msg.sender];
         if(!(msg.sender.call.value(amount)())){ throw; }
         userBalance[msg.sender] = 0;
     }

Renaming alters the ABI; confirm no harness depends on the old name.


🏁 Script executed:

#!/bin/bash
set -euo pipefail

echo "Searching repository for function references..."
rg -n --hidden -S "withdrawBalance_fixed|withdrawBalance_vulnerable|withdrawBalance\s*\(" || true

echo
echo "Show file if present: audit_engine/smart_contracts/reentrancy/40755.sol"
if [ -f "audit_engine/smart_contracts/reentrancy/40755.sol" ]; then
  sed -n '1,240p' audit_engine/smart_contracts/reentrancy/40755.sol
else
  echo "File not found: audit_engine/smart_contracts/reentrancy/40755.sol"
fi

echo
echo "Search for low-level call patterns that indicate reentrancy (msg.sender.call.value / .call.value / call.value):"
rg -n --hidden -S "msg.sender.call.value|call.value\(|\\.call\\.value" || true

echo
echo "Search tests and json/abi files for the original function name (possible harnesses):"
rg -n --hidden -S "withdrawBalance_fixed" -g '!**/node_modules/**' -g '!**/.git/**' || true
rg -n --hidden -S "40755.sol|withdrawBalance_fixed" -g '!**/node_modules/**' -g '!**/.git/**' || true

Length of output: 6361


Function name is misleading; it’s still vulnerable.

Rename to reflect intent (or fix the logic). Repo search found no references to withdrawBalance_fixed, so renaming shouldn't break internal harnesses — confirm any external ABI consumers.

-    function withdrawBalance_fixed(){
+    // VULNERABILITY: reentrancy (external call before state update)
+    function withdrawBalance_vulnerable() public {
         uint amount = userBalance[msg.sender];
         if(!(msg.sender.call.value(amount)())){ throw; }
         userBalance[msg.sender] = 0;
     }

}
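Review bot: beyond the misleading `withdrawBalance_fixed` name raised above, this file has no deposit or payable fallback function, so `userBalance` can never become non-zero and a dynamic or fuzzing harness cannot reach the `msg.sender.call.value(amount)()` path; either add a minimal `deposit()` that credits `userBalance[msg.sender]` or record in the sample's metadata that it is meant for static detection only.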
13 changes: 13 additions & 0 deletions audit_engine/smart_contracts/reentrancy/40756.sol
@@ -0,0 +1,13 @@

contract Private_Bank {

Comment on lines +1 to +3
⚠️ Potential issue

Add SPDX and pragma.

+// SPDX-License-Identifier: MIT
+pragma solidity 0.4.26;
 
 contract Private_Bank {
🤖 Prompt for AI Agents
In audit_engine/smart_contracts/reentrancy/40756.sol around lines 1 to 3, the
file is missing the SPDX license identifier and Solidity pragma; add a
SPDX-License-Identifier comment (e.g., "// SPDX-License-Identifier: MIT") on the
very first line and immediately below it add a pragma solidity statement (e.g.,
"pragma solidity ^0.8.0;") to specify the compiler version range supported by
the contract.

mapping (address => uint) public balances;

function CashOut(uint _am) {
if(_am <= balances[msg.sender]) {
if(msg.sender.call.value(_am)()) {
balances[msg.sender] -= _am;
}
}
}
}
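Review bot: `CashOut` has no visibility specifier and so relies on the 0.4.x default of `public`; make it explicit, as is suggested for `withdrawBalance` in 40757.sol, so the sample reads the same under stricter compiler warnings. Note also that `balances[msg.sender] -= _am;` is reached only when `msg.sender.call.value(_am)()` succeeds, so a recipient that reverts keeps its balance; that is fine for the sample but belongs in the file's intent comment.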
10 changes: 10 additions & 0 deletions audit_engine/smart_contracts/reentrancy/40757.sol
@@ -0,0 +1,10 @@

contract Reentrance {

mapping (address => uint) userBalance;

function withdrawBalance(){
if(!(msg.sender.call.value(userBalance[msg.sender])())){ throw; }
userBalance[msg.sender] = 0;
}
Comment on lines +2 to +9
⚠️ Potential issue

❓ Verification inconclusive

Legacy patterns: pin compiler; consider explicit visibility.

This uses throw and legacy .call.value(...)(); it must compile on 0.4.x. Add SPDX/pragma and make visibility explicit to reduce warnings while preserving the vulnerable flow.

+// SPDX-License-Identifier: UNLICENSED
+pragma solidity 0.4.25;
+
+/// @dev Intentionally vulnerable to reentrancy for audit_engine tests. DO NOT DEPLOY.
 contract Reentrance {
@@
-    function withdrawBalance(){
+    function withdrawBalance() public {
         if(!(msg.sender.call.value(userBalance[msg.sender])())){ throw; }
         userBalance[msg.sender] = 0;
     }

If you want to avoid the deprecated throw while keeping 0.4.x, you can swap it for revert(); with identical control flow.


Critical: reentrancy — external call before state update in withdrawBalance

File: audit_engine/smart_contracts/reentrancy/40757.sol Lines: 2–9

  • Problem: msg.sender.call.value(userBalance[msg.sender])() executes before userBalance[msg.sender] = 0 — allows reentrant calls to drain funds.
  • Remediation: move the state update before the external call (checks → effects → interactions) or use a pull-payments/ReentrancyGuard pattern; replace deprecated throw with revert(); add SPDX and an explicit pragma and mark withdrawBalance visibility explicitly.
🤖 Prompt for AI Agents
In audit_engine/smart_contracts/reentrancy/40757.sol around lines 2 to 9,
withdrawBalance performs an external call before updating state and uses
deprecated throw and lacks SPDX/pragma/visibility; fix by following
checks→effects→interactions: read the balance into a local uint, set
userBalance[msg.sender] = 0 before making the external transfer (or
alternatively implement a pull-payment pattern or add a ReentrancyGuard),
replace throw with revert() or require-based error handling, and add an SPDX
license identifier, an explicit pragma solidity version, and an explicit
visibility specifier (e.g., public) on withdrawBalance.

}
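Review bot: applying the checks-effects-interactions remediation from the comment above would remove the defect this sample exists to exercise; for a file under `reentrancy/` keep `userBalance[msg.sender] = 0;` after the call and take only the SPDX, pragma, visibility and intent-comment parts of the suggestion. Two pragma values are proposed on this page, 0.4.25 here and 0.4.26 elsewhere; pick one for the whole directory.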
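The checks-effects-interactions point raised in the 40757.sol comment above is exactly what a detector over a directory like audit_engine/smart_contracts/reentrancy has to recognise. The following Python is an added example, not code from this PR or from the audit_engine project: a heuristic scanner that flags a function when its first low-level `.call` appears before its first mapping write, run over a constructed vulnerable sample (mirroring SimpleDAO from 40762.sol) and a constructed reordered version of the same function.

```python
import re
# Constructed inputs (not files from the PR): the first mirrors the call-before-
# update pattern of the samples, the second reorders the same withdraw to
# checks-effects-interactions so it should not be flagged.
VULNERABLE_SRC = """
contract SimpleDAO {
    mapping (address => uint) public credit;
    function withdraw(uint amount) public {
        if (credit[msg.sender] >= amount) {
            require(msg.sender.call.value(amount)());
            credit[msg.sender] -= amount;
        }
    }
}
"""
HARDENED_SRC = """
contract SimpleDAO {
    mapping (address => uint) public credit;
    function withdraw(uint amount) public {
        require(credit[msg.sender] >= amount);
        credit[msg.sender] -= amount;                // effect before interaction
        require(msg.sender.call.value(amount)());    // external call last
    }
}
"""

FUNC_RE = re.compile(r"function\s+(\w+)\s*\([^)]*\)[^{]*\{")
# Low-level call in 0.4.x form (.call.value(x)()) or 0.7+ form (.call{value: x}("")).
LOW_LEVEL_CALL_RE = re.compile(r"\.call\s*(?:\.value\s*\([^)]*\)|\{[^}]*\})?\s*\(")
# A mapping write: ident[...] followed by =, -=, +=, *= or /= (but not ==).
STATE_WRITE_RE = re.compile(r"\w+\s*\[[^\]]*\]\s*[-+*/]?=(?!=)")

def function_bodies(src):
    """Yield (name, body) for every function, matching braces to find its end."""
    for m in FUNC_RE.finditer(src):
        depth, i = 1, m.end()
        while i < len(src) and depth:
            depth += {"{": 1, "}": -1}.get(src[i], 0)
            i += 1
        yield m.group(1), src[m.end():i - 1]

def find_call_before_write(src):
    """Names of functions whose first low-level call precedes the first mapping write."""
    flagged = []
    for name, body in function_bodies(src):
        call, write = LOW_LEVEL_CALL_RE.search(body), STATE_WRITE_RE.search(body)
        if call and write and call.start() < write.start():
            flagged.append(name)
    return flagged
```

The heuristic is textual and per-function, so it will miss writes done through internal helper calls and flag writes that are unrelated to the balance being sent; it is a triage rule, not a proof.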
13 changes: 13 additions & 0 deletions audit_engine/smart_contracts/reentrancy/40758.sol
@@ -0,0 +1,13 @@

contract Reentrance {

mapping(address => uint) public balances;

function withdraw(uint _amount) public {
if(balances[msg.sender] >= _amount) {
if(msg.sender.call.value(_amount)()) {
balances[msg.sender] -= _amount;
}
}
}
}
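Review bot: this `withdraw` has the same structure as `CashOut` in 40756.sol and `withdraw` in `Victim` (40765.sol): balance check, `msg.sender.call.value(_amount)()`, then `balances[msg.sender] -= _amount;`. If the three are meant as distinct samples, record what varies (contract name, visibility, parameter name) in their metadata; otherwise the duplicates inflate the corpus without adding a pattern for the engine to learn.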
11 changes: 11 additions & 0 deletions audit_engine/smart_contracts/reentrancy/40761.sol
@@ -0,0 +1,11 @@

contract SendBalance {

Comment on lines +1 to +3
⚠️ Potential issue

🧩 Analysis chain

Add SPDX and pin compiler version for deterministic builds.

Missing license identifier and pragma. Without a pragma these may compile against 0.8.x and fail.

Apply:

+// SPDX-License-Identifier: MIT
+pragma solidity 0.4.26;
 
 contract SendBalance {

🏁 Script executed:

#!/bin/bash
# Verify all .sol files in this PR declare a pragma and count deprecated patterns.
fd -e sol audit_engine/smart_contracts/reentrancy \
 | while read f; do rg -n '^\s*pragma\s+solidity' "$f" >/dev/null || echo "MISSING_PRAGMA: $f"; done
rg -nH 'throw|\.call\.value\s*\(' audit_engine/smart_contracts/reentrancy

Length of output: 5129


🏁 Script executed:

#!/bin/bash
set -euo pipefail

f="audit_engine/smart_contracts/reentrancy/40761.sol"
echo "=== SHOWING $f (first 120 lines) ==="
sed -n '1,120p' "$f" || echo "ERROR: failed to read $f"

echo
echo "=== SEARCH FOR SPDX / PRAGMA IN $f ==="
rg -n --hidden --no-ignore-case "^\s*//\s*SPDX-License-Identifier|^\s*pragma\s+solidity" "$f" || echo "no SPDX/pragma lines found in $f"

echo
echo "=== DIRECTORY-WIDE: report files without a pragma or SPDX ==="
for sol in $(rg -n --files --hidden "audit_engine/smart_contracts/reentrancy" | rg -n "\.sol$" -n | sed -n '1,$p' 2>/dev/null || true); do
  # fallback: list all .sol under directory if above fails
  :
done

# Robust listing of .sol files and check for pragma/SPDX
find audit_engine/smart_contracts/reentrancy -type f -name '*.sol' -print0 \
  | xargs -0 -n1 bash -c 'f="$0"; has=$(rg -n "^\s*pragma\s+solidity|^\s*//\s*SPDX-License-Identifier" "$f" || true); if [ -z "$has" ]; then echo "MISSING_PRAGMA_OR_SPDX: $f"; else echo "OK: $f"; fi'

Length of output: 3993


Add SPDX license identifier and pin compiler version for deterministic builds.

audit_engine/smart_contracts/reentrancy/40761.sol (and multiple files in the same directory) are missing an SPDX header and a pragma; the code uses throw and msg.sender.call.value(...)() which target Solidity 0.4.x. Add the following at the top of the file(s):

+// SPDX-License-Identifier: MIT
+pragma solidity 0.4.26;
 
 contract SendBalance {
🤖 Prompt for AI Agents
In audit_engine/smart_contracts/reentrancy/40761.sol around lines 1 to 3, the
file is missing an SPDX license identifier and a pinned Solidity compiler
pragma; add an SPDX license header at the very top and immediately below it add
a pragma that pins the compiler to a compatible 0.4.x release (choose a specific
0.4.x version used by the codebase, e.g. 0.4.24) so builds are deterministic;
apply the same change to the other files in the directory that also lack SPDX
and a 0.4.x pragma.

mapping (address => uint) userBalances ;
bool withdrawn = false ;

function withdrawBalance(){
if (!(msg.sender.call.value(userBalances[msg.sender])())) { throw; }
userBalances[msg.sender] = 0;
}
}
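Review bot: `bool withdrawn = false;` is declared but never read or written, so it neither guards `withdrawBalance` nor contributes to the sample; either drop it or, if it is meant to show an ineffective guard, use it in the function and say so in a comment. The stray spaces before the semicolons in `userBalances ;` and `false ;` should also go.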
12 changes: 12 additions & 0 deletions audit_engine/smart_contracts/reentrancy/40762.sol
@@ -0,0 +1,12 @@

contract SimpleDAO {

mapping (address => uint) public credit;

function withdraw(uint amount) public {
if (credit[msg.sender] >= amount) {
require(msg.sender.call.value(amount)());
credit[msg.sender] -= amount;
}
}
}
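Review bot: this differs from `SimpleDAO` in 40764.sol only in the `require(...)` around the call and the explicit `public`; `credit[msg.sender] -= amount;` after the call is the shared defect. If both files stay, note in their metadata that 40762 checks the call's return value and 40764 does not, so the engine's findings on the pair can be compared meaningfully.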
12 changes: 12 additions & 0 deletions audit_engine/smart_contracts/reentrancy/40764.sol
@@ -0,0 +1,12 @@

contract SimpleDAO {

Comment on lines +1 to +3
⚠️ Potential issue

Add SPDX and pragma.

+// SPDX-License-Identifier: MIT
+pragma solidity 0.4.26;
 
 contract SimpleDAO {
🤖 Prompt for AI Agents
In audit_engine/smart_contracts/reentrancy/40764.sol around lines 1 to 3, the
file is missing an SPDX license identifier and a Solidity pragma; add a
top-of-file SPDX line (e.g., "// SPDX-License-Identifier: MIT") followed by a
pragma solidity declaration (e.g., "pragma solidity ^0.8.0;") placed before the
contract declaration to specify the compiler version and license.

mapping (address => uint) public credit;

function withdraw(uint amount) {
if (credit[msg.sender] >= amount) {
msg.sender.call.value(amount)();
credit[msg.sender] -= amount;
}
}
}
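Review bot: `msg.sender.call.value(amount)();` discards the call's return value, which is a second, separately classifiable defect (unchecked low-level call) on top of the state update that follows it; label both in the sample's intent comment so the expected findings for this file are unambiguous, and add the SPDX and pragma lines suggested above.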
13 changes: 13 additions & 0 deletions audit_engine/smart_contracts/reentrancy/40765.sol
@@ -0,0 +1,13 @@

contract Victim {

mapping(address => uint) public balances;

function withdraw(uint _amount) public {
if(balances[msg.sender] >= _amount) {
if(msg.sender.call.value(_amount)()) {
balances[msg.sender] -= _amount;
}
}
}
}
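Review bot: apart from the contract name, this file is identical to 40758.sol (`balances` mapping, `withdraw(uint _amount) public`, call then `-=`); if the point is to check that the detector is insensitive to naming, say so in a comment, otherwise keep one copy.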