Integer Overflow

It is possible to cause add and sub to overflow (or underflow) on any type of integer in Solidity.

Attack Scenarios

  • Attacker has 5 of some ERC20 token. They spend 6, but because the token doesn't check for underflows, they wind up with 2^256 tokens.

  • A contract contains a dynamic array and an unsafe pop method. An attacker can underflow the length of the array and alter other variables in the contract.

Mitigations

Examples

  • In integer_overflow_1, we give both unsafe and safe versions of the add operation.

  • A submission to the Underhanded Solidity Coding Contest that exploits the unsafe dynamic array bug outlined above
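
The first attack scenario above, as an added example that is not code from this repository: a token transfer that subtracts without a check, beside one that validates both the subtraction and the addition. It assumes a pre-0.8 compiler, where integer arithmetic wraps silently; the contract name, function names and starting balance are hypothetical.

```solidity
pragma solidity ^0.4.24;

// Added illustration; all names here are hypothetical.
contract TokenSketch {
    mapping(address => uint256) public balances;

    constructor() public {
        // Constructed starting balance matching the scenario: the deployer holds 5.
        balances[msg.sender] = 5;
    }

    // Unsafe: nothing verifies that the sender holds `value`.
    // With a balance of 5 and value = 6, the subtraction wraps modulo 2^256
    // and the sender's balance becomes 2^256 - 1.
    function transferUnsafe(address to, uint256 value) public {
        balances[msg.sender] -= value;
        balances[to] += value;
    }

    // Safe: each arithmetic step is validated, and a failed check reverts
    // the whole call, so no partial state change survives.
    function transferSafe(address to, uint256 value) public {
        balances[msg.sender] = checkedSub(balances[msg.sender], value);
        balances[to] = checkedAdd(balances[to], value);
    }

    // Reverts instead of wrapping when b > a.
    function checkedSub(uint256 a, uint256 b) internal pure returns (uint256) {
        require(b <= a, "subtraction underflow");
        return a - b;
    }

    // Reverts instead of wrapping when a + b exceeds the uint256 range.
    function checkedAdd(uint256 a, uint256 b) internal pure returns (uint256) {
        uint256 c = a + b;
        require(c >= a, "addition overflow");
        return c;
    }
}
```

Calling transferSafe with a value of 6 from the account holding 5 reverts at the subtraction check and leaves every balance unchanged.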