Skip to content

Integer overflow in mintTokens #1

Closed
@whiteHat001

Description

@whiteHat001

Hello,
I have found an integer overflow in mintTokens,the supply variable could overflow,because of the _amount variable is controlled by us and can eventually cause supply overflow to zero.

  function mintTokens(address _to, uint256 _amount) {         
    if (msg.sender != icoContractAddress) throw;            // Only ICO address can mint tokens        
    if (restrictedAddresses[_to]) throw;                    // Throw if user wants to send to restricted address       
    if (balances[_to] + _amount < balances[_to]) throw;     // Check for overflows
    supply += _amount;                                      // Update total supply
    balances[_to] += _amount;                               // Set minted coins to target
    Mint(_to, _amount);                                     // Create Mint event       
    Transfer(0x0, _to, _amount);                            // Create Transfer event from 0x
  } 

Discovered by zhihua.yao@dbappsecurity.com.cn(hackyzh)

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions