合约地址:https://etherscan.io/address/0x1975bb03de10f058d6048ef3f00e1a704b7a0b39#code
pragma solidity ^0.4.16; //hps //>=0.4.0无fallback函数,当向该合约发送eth时会抛出异常并回退。
contract CherryCoinFoundation {
string public name = "Cherry Coin Foundation";
string public symbol = "CHY";
uint8 public decimals = 18;
uint256 public totalSupply = 10000000000000000000000000;
uint256 public sellPrice;
uint256 public buyPrice;
mapping (address => uint256) public balanceOf;
mapping (address => mapping (address => uint256)) public allowance;
mapping (address => bool) public frozenAccount;
mapping (address => bool) public FrozenFunds;
event Transfer(address indexed from, address indexed to, uint256 value);
event Burn(address indexed from, uint256 value);
event FrozenFunds(address target, bool frozen);
event frozenAccount(address target, bool frozen);
function _transfer(address _from, address _to, uint _value) internal {
require(_to != 0x0);
require(balanceOf[_from] >= _value);
require(balanceOf[_to] + _value > balanceOf[_to]);
require(!frozenAccount[_from]);
require(!frozenAccount[_to]);
require(!FrozenFunds[_from]);
require(!FrozenFunds[_to]);
uint previousBalances = balanceOf[_from] + balanceOf[_to];
balanceOf[_from] -= _value;
balanceOf[_to] += _value;
Transfer(_from, _to, _value);
assert(balanceOf[_from] + balanceOf[_to] == previousBalances);
}
function transfer(address _to, uint256 _value) public {
_transfer(msg.sender, _to, _value);
}
function transferFrom(address _from, address _to, uint256 _value) public returns (bool success) {
require(_value <= allowance[_from][msg.sender]);
allowance[_from][msg.sender] -= _value;
_transfer(_from, _to, _value);
return true;
}
function approve(address _spender, uint256 _value) public
returns (bool success) {
allowance[msg.sender][_spender] = _value;
return true;
}
//此处也存在整数溢出漏洞,但是在_transfer中经过了严格的检查,最后仍然会抛出异常并回退。暂且不考虑
function buy() payable public {
uint amount = msg.value / buyPrice;
_transfer(this, msg.sender, amount);
}
//此处存在整数溢出漏洞,可以导致“高价低卖”
function sell(uint256 amount) public {
require(this.balance >= amount * sellPrice);
_transfer(msg.sender, this, amount);
msg.sender.transfer(amount * sellPrice);
}
function freezeAccount(address target, bool freeze) public {
frozenAccount[target] = freeze;
FrozenFunds(target, freeze);
}
//此处存在“随意铸币”漏洞
function mintToken(address target, uint256 mintedAmount) public {
balanceOf[target] += mintedAmount;
totalSupply += mintedAmount;
Transfer(0, this, mintedAmount);
Transfer(this, target, mintedAmount);
}
function setPrices(uint256 newSellPrice, uint256 newBuyPrice) public {
sellPrice = newSellPrice;
buyPrice = newBuyPrice;
}
function burn(uint256 _value) public returns (bool success) {
require(balanceOf[msg.sender] >= _value);
balanceOf[msg.sender] -= _value;
totalSupply -= _value;
Burn(msg.sender, _value);
return true;
}
function burnFrom(address _from, uint256 _value) public returns (bool success) {
require(balanceOf[_from] >= _value);
require(_value <= allowance[_from][msg.sender]);
balanceOf[_from] -= _value;
allowance[_from][msg.sender] -= _value;
totalSupply -= _value;
Burn(_from, _value);
return true;
}
}