Skip to content

Instantly share code, notes, and snippets.

@p0n1

p0n1/more_results.md

Last active June 28, 2018 10:56
Show Gist options
  • Save p0n1/372800036496656415df2655d9e84ce4 to your computer and use it in GitHub Desktop.
Save p0n1/372800036496656415df2655d9e84ce4 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
more_results.md

Analysis results for contracts/eip721/EIP721.sol

Message call to external contract

  • Type: Informational
  • Contract: Unknown
  • Function name: mint(string,address,uint256)
  • PC address: 6818

Description

This contract executes a message call to to another contract. Make sure that the called contract is trusted and does not execute user-supplied code. In file: contracts/UjoPatronageBadges.sol:58

Code

oracle.getUintPrice()

Transaction order dependence

  • Type: Warning
  • Contract: Unknown
  • Function name: mint(string,address,uint256)
  • PC address: 6818

Description

A possible transaction order independence vulnerability exists in function mint(string,address,uint256). The value or direction of the call statement is determined from a tainted storage location In file: contracts/UjoPatronageBadges.sol:58

Code

oracle.getUintPrice()

Exception state

  • Type: Informational
  • Contract: Unknown
  • Function name: burnToken(uint256)
  • PC address: 10925

Description

A reachable exception (opcode 0xfe) has been detected. This can be caused by type errors, division by zero, out-of-bounds array access, or assert violations. This is acceptable in most situations. Note however that assert() should only be used to check invariants. Use require() for regular input checking. In file: contracts/eip721/EIP721.sol:293

Code

allTokens[allTokensLength - 1]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment