It is possible to cause
sub to overflow (or underflow) on any type of integer in Solidity.
Attacker has 5 of some ERC20 token. They spend 6, but because the token doesn't check for underflows, they wind up with 2^256 tokens.
A contract contains a dynamic array and an unsafe
popmethod. An attacker can underflow the length of the array and alter other variables in the contract.
- Use openZeppelin's safeMath library
- Validate all arithmetic