From bbd2850a88beb32fcfc4af842acbd254bdb3300e Mon Sep 17 00:00:00 2001 From: Pablo Ruiz Date: Thu, 25 Oct 2018 11:11:29 -0300 Subject: [PATCH 1/2] merged the fix to ST from PR 327 --- contracts/tokens/SecurityToken.sol | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/contracts/tokens/SecurityToken.sol b/contracts/tokens/SecurityToken.sol index 7dc4fc183..a1282af42 100644 --- a/contracts/tokens/SecurityToken.sol +++ b/contracts/tokens/SecurityToken.sol @@ -521,11 +521,19 @@ contract SecurityToken is StandardToken, DetailedERC20, ReentrancyGuard, Registr * @param _data data to indicate validation * @return bool success */ - function _updateTransfer(address _from, address _to, uint256 _value, bytes _data) internal returns(bool) { + function _updateTransfer(address _from, address _to, uint256 _value, bytes _data) internal nonReentrant returns(bool) { + // NB - the ordering in this function implies the following: + // - investor counts are updated before transfer managers are called - i.e. transfer managers will eee + //investor counts including the current transfer. + // - checkpoints are updated after the transfer managers are called. This allows TMs to create + //checkpoints as though they have been created before the current transactions, + // - to avoid the situation where a transfer manager transfers tokens, and this function is called recursively, + //the function is marked as nonReentrant. This means that no TM can transfer (or mint / burn) tokens. _adjustInvestorCount(_from, _to, _value); + bool verified = _verifyTransfer(_from, _to, _value, _data, true); _adjustBalanceCheckpoints(_from); _adjustBalanceCheckpoints(_to); - return _verifyTransfer(_from, _to, _value, _data, true); + return verified; } /** From 2605ac02ec127c2862db822244436e3241e12717 Mon Sep 17 00:00:00 2001 From: Mudit Gupta Date: Thu, 25 Oct 2018 11:22:02 -0300 Subject: [PATCH 2/2] typo fix Co-Authored-By: pabloruiz55 --- contracts/tokens/SecurityToken.sol | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/contracts/tokens/SecurityToken.sol b/contracts/tokens/SecurityToken.sol index a1282af42..a1e7d3e09 100644 --- a/contracts/tokens/SecurityToken.sol +++ b/contracts/tokens/SecurityToken.sol @@ -523,7 +523,7 @@ contract SecurityToken is StandardToken, DetailedERC20, ReentrancyGuard, Registr */ function _updateTransfer(address _from, address _to, uint256 _value, bytes _data) internal nonReentrant returns(bool) { // NB - the ordering in this function implies the following: - // - investor counts are updated before transfer managers are called - i.e. transfer managers will eee + // - investor counts are updated before transfer managers are called - i.e. transfer managers will see //investor counts including the current transfer. // - checkpoints are updated after the transfer managers are called. This allows TMs to create //checkpoints as though they have been created before the current transactions,