cerc-io/solidity
15
0
Fork 0
mirror of https://github.com/ethereum/solidity synced 2023-10-03 13:03:40 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Removes reference to stack depth attack

Browse Source 
Changed the old stack depth attack reference to a generic execution of an untrusted contract to keep the suggestion of the withdrawal pattern.
This commit is contained in:
Adrián Calvo 2017-08-04 14:08:37 +02:00 committed by GitHub
parent bd9e91085b
commit 8d832c7cd3
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docs/solidity-by-example.rst
View File

@ -277,9 +277,9 @@ activate themselves.
if (highestBidder != 0) { if (highestBidder != 0) {
// Sending back the money by simply using // Sending back the money by simply using
// highestBidder.send(highestBid) is a security risk // highestBidder.send(highestBid) is a security risk
// because it can be prevented by the caller by e.g. // because it could execute an untrusted contract.
// raising the call stack to 1023. It is always safer // It is always safer to let the recipients
// to let the recipients withdraw their money themselves. // withdraw their money themselves.
pendingReturns[highestBidder] += highestBid; pendingReturns[highestBidder] += highestBid;
} }
highestBidder = msg.sender; highestBidder = msg.sender;