check to prevent wallet created with more _required than _owners #66

1 change: 1 addition & 0 deletions wallet/wallet.sol
Expand Up @@ -52,6 +52,7 @@ contract multiowned {
// constructor is given number of sigs required to do protected "onlymanyowners" transactions
// as well as the selection of addresses capable of confirming them.
function multiowned(address[] _owners, uint _required) {
if (_required > 1 && _owners.length < _required -1) throw;

Is that -1 supposed to be there?


@sunny-g I believe the -1 is because _owners does not include the msg.sender, which automatically becomes an owner as well. So if _owners.length is 2 then _required can be 3 (2 owners provided + the msg.sender creating the contract).

The code should be updated to make this clearer, through comments or by doing a +1 to the owners instead.


Wow, that was a dumb misread. My mistake!


If we do such checks, we should probably also check for:
if (_required == 0) throw;
Also rewriting the current condition as if (_required > _owners.length + 1) would be more readable, I think.

m_numOwners = _owners.length + 1;
m_owners[1] = uint(msg.sender);
m_ownerIndex[uint(msg.sender)] = 1;
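
Review bot: On the added line `if (_required > 1 && _owners.length < _required -1) throw;`, the `_required > 1` guard lets `_required == 0` pass unchecked, so the constructor still accepts a wallet whose required-signature count is zero. The guard appears to exist only to keep the unsigned `_required - 1` from wrapping; comparing against the actual owner count removes the subtraction altogether, for example `if (_required == 0 || _required > _owners.length + 1) throw;`. That form also lines up with `m_numOwners = _owners.length + 1` in the context lines, which makes the implicit `msg.sender` owner visible at the check itself. A one-line comment stating that `_owners` excludes the deploying account would answer the question raised in this thread for future readers.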