Fixed a very vulnerable bug.

This commit is contained in:
Sowmayjain 2018-12-01 16:40:51 +05:30
parent 7a891eab62
commit da9581f643

View File

@ -240,6 +240,7 @@ contract BorrowTasks is RepayLoan {
bytes32 cdpBytes = bytes32(cdpNum);
MakerCDP loanMaster = MakerCDP(cdpAddr);
address cdpOwner = loanMaster.lad(cdpBytes);
require(cdps[cdpOwner] == blankCDP, "More than 1 CDP is not allowed.");
cdps[cdpOwner] = cdpBytes;
emit CDPClaimed(cdpBytes, msg.sender);
}