diff options
author | chriseth <chris@ethereum.org> | 2017-05-02 23:33:46 +0800 |
---|---|---|
committer | Alex Beregszaszi <alex@rtfs.hu> | 2017-05-03 18:07:15 +0800 |
commit | d58a4e08daba3a672a3494402b2d448c704dd69e (patch) | |
tree | e8998d144070192f0aa7cac183cead34b3490280 | |
parent | 7e838fd4a875e6a1f7e7ec60d7b4c5502e22dde4 (diff) | |
download | dexon-solidity-d58a4e08daba3a672a3494402b2d448c704dd69e.tar.gz dexon-solidity-d58a4e08daba3a672a3494402b2d448c704dd69e.tar.zst dexon-solidity-d58a4e08daba3a672a3494402b2d448c704dd69e.zip |
Corrections and some style.
-rw-r--r-- | docs/frequently-asked-questions.rst | 2 | ||||
-rw-r--r-- | docs/security-considerations.rst | 3 | ||||
-rw-r--r-- | docs/solidity-by-example.rst | 20 |
3 files changed, 13 insertions, 12 deletions
diff --git a/docs/frequently-asked-questions.rst b/docs/frequently-asked-questions.rst index 029e32eb..03ee8388 100644 --- a/docs/frequently-asked-questions.rst +++ b/docs/frequently-asked-questions.rst @@ -665,7 +665,7 @@ What does the following strange check do in the Custom Token contract? :: - require(balanceOf[_to] + _value >= balanceOf[_to]); + require((balanceOf[_to] + _value) >= balanceOf[_to]); Integers in Solidity (and most other machine-related programming languages) are restricted to a certain range. For ``uint256``, this is ``0`` up to ``2**256 - 1``. If the result of some operation on those numbers diff --git a/docs/security-considerations.rst b/docs/security-considerations.rst index 6479eeb8..33c613d8 100644 --- a/docs/security-considerations.rst +++ b/docs/security-considerations.rst @@ -137,7 +137,8 @@ Sending and Receiving Ether depth, they can force the transfer to fail; take this possibility into account or use ``send`` and make sure to always check its return value. Better yet, write your contract using a pattern where the recipient can withdraw Ether instead. 3. Sending Ether can also fail because the execution of the recipient contract - requires more than the allotted amount of gas (explicitly by using ``revert`` or + requires more than the allotted amount of gas (explicitly by using ``require``, + ``assert``, ``revert``, ``throw`` or because the operation is just too expensive) - it "runs out of gas" (OOG). If you use ``transfer`` or ``send`` with a return value check, this might provide a means for the recipient to block progress in the sending contract. Again, the best practice here is to use diff --git a/docs/solidity-by-example.rst b/docs/solidity-by-example.rst index f6d45e0a..3d352843 100644 --- a/docs/solidity-by-example.rst +++ b/docs/solidity-by-example.rst @@ -94,7 +94,7 @@ of votes. // called incorrectly. But watch out, this // will currently also consume all provided gas // (this is planned to change in the future). - require(msg.sender == chairperson || !voters[voter].voted); + require((msg.sender == chairperson) && !voters[voter].voted); voters[voter].weight = 1; } @@ -268,11 +268,11 @@ activate themselves. // Revert the call if the bidding // period is over. - require(now < auctionStart + biddingTime); + require(now <= auctionStart + biddingTime); // If the bid is not higher, send the // money back. - require(msg.value <= highestBid); + require(msg.value > highestBid); if (highestBidder != 0) { // Sending back the money by simply using @@ -322,7 +322,7 @@ activate themselves. // external contracts. // 1. Conditions - require(now >= auctionStart + biddingTime); // auction did not yet end + require(now >= (auctionStart + biddingTime)); // auction did not yet end require(!ended); // this function has already been called // 2. Effects @@ -446,11 +446,9 @@ high or low invalid bids. onlyBefore(revealEnd) { uint length = bids[msg.sender].length; - require( - _values.length == length && - _fake.length == length && - _secret.length == length - ); + require(_values.length == length); + require(_fake.length == length); + require(_secret.length == length); uint refund; for (uint i = 0; i < length; i++) { @@ -609,8 +607,10 @@ Safe Remote Purchase // otherwise, the contracts called using `send` below // can call in again here. state = State.Inactive; - // This actually allows both the buyer and the seller to + + // NOTE: This actually allows both the buyer and the seller to // block the refund - the withdraw pattern should be used. + buyer.transfer(value); seller.transfer(this.balance)); } |