Comments (3)
offlinemark
commented on May 18, 2024
This one is basically "don't use address.send()"
http://solidity.readthedocs.io/en/develop/types.html#members-of-addresses
There are some dangers in using send: The transfer fails if the call stack depth is at 1024 (this can always be forced by the caller) and it also fails if the recipient runs out of gas. So in order to make safe Ether transfers, always check the return value of send, use transfer or even better: use a pattern where the recipient withdraws the money.
address.transfer() seems preferable in nearly all cases, as it automatically does error checking. i suppose the exception would be if you want to do some advanced error handling if a .send fails.
from not-so-smart-contracts.
offlinemark
commented on May 18, 2024
also mentioned here: https://github.com/ConsenSys/smart-contract-best-practices#handle-errors-in-external-calls
from not-so-smart-contracts.
offlinemark
commented on May 18, 2024
also sorry for changing the name of this issue :( the original was better
from not-so-smart-contracts.
Related Issues (20)
- Add Time Dependence Vuln
- solidity compile warnings which are errors HOT 1
- Rubixi solc error
- KingOfTheEtherThrone solc error
- Add Out of Gas Vuln HOT 2
- Add examples to Bad Randomness
- Add bad use of tx.origin HOT 7
- DoS writeup HOT 1
- Strange description in "missing constructor" section HOT 1
- Add a Race Condition Vuln
- Make a table for the honeypots on the readme
- CLAAssistant do not work HOT 1
- Integer overflow vulnerability not applicable in Solidity 0.8.0 and up
- Security Scan of your project
- Update the Readme HOT 2
- New Reentrancy Vuln HOT 1
- Transaction Ordering Vuln HOT 10
- DOS with Unexpected Revert Vuln HOT 1
- Add Reference to “Send with Throw Griefing” HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from not-so-smart-contracts.