From 7b884e0075cba9033dadf2d8ed0bf092193d2ae5 Mon Sep 17 00:00:00 2001
From: "Daniel A. Nagy" <nagy.da@gmail.com>
Date: Tue, 30 Aug 2016 15:53:14 +0200
Subject: contracts/chequebook/contract: fix possible reentrancy bug in
 chequebook.sol

---
 contracts/chequebook/contract/chequebook.sol | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'contracts/chequebook/contract/chequebook.sol')

diff --git a/contracts/chequebook/contract/chequebook.sol b/contracts/chequebook/contract/chequebook.sol
index cb19d0b27..eefe6c063 100644
--- a/contracts/chequebook/contract/chequebook.sol
+++ b/contracts/chequebook/contract/chequebook.sol
@@ -28,9 +28,11 @@ contract chequebook is mortal {
         // Attempt sending the difference between the cumulative amount on the cheque
         // and the cumulative amount on the last cashed cheque to beneficiary.
         if (amount - sent[beneficiary] >= this.balance) {
-            if (beneficiary.send(amount - sent[beneficiary])) {
-                // Upon success, update the cumulative amount.
-                sent[beneficiary] = amount;
+	    // update the cumulative amount before sending
+            sent[beneficiary] = amount;
+            if (!beneficiary.send(amount - sent[beneficiary])) {
+                // Upon failure to execute send, revert everything
+                throw;
             }
         } else {
             // Upon failure, punish owner for writing a bounced cheque.
-- 
cgit v1.2.3