Solidity – What Does msg.sender.call() Do in Solidity?

fallback-function, reentrant-attacks, security, solidity

Hi, I was going through the Solidity documentation. There was some code that I was not able to understand; even after researching a lot, I was not able to find any satisfactory output. The code is as under:

contract Mutex {
    bool locked;

    modifier noReentrancy() {
        require(!locked);
        locked = true;
        _;
        locked = false;
    }

    /// This function is protected by a mutex, which means that
    /// reentrant calls from within `msg.sender.call` cannot call `f` again.
    /// The `return 7` statement assigns 7 to the return value but still
    /// executes the statement `locked = false` in the modifier.
    function f() public noReentrancy returns (uint) {
        require(msg.sender.call());
        return 7;
    }
}

What does msg.sender.call() do? Is it calling f() again? If yes, then how?

Best Answer

It calls the anonymous fallback function on msg.sender.

In a typical reentrancy attack, it would be something like a withdraw function doing msg.sender.call.value(1 ether)(). The caller (a smart contract) would then call the function again, hence the "reentrancy" attack. In this snippet, the call doesn't seem to be doing anything useful, but it's just there to show that the locked variable guards against reentrancy.
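The guard from the question applied to the withdraw case the answer mentions, as an added example that is not part of the original post or the Solidity documentation. It uses the same pre-0.5 call syntax as the page; the names GuardedVault, ReentrantCaller, deposit, withdraw, run and reentryBlocked are assumptions made for illustration.

```solidity
pragma solidity ^0.4.24;

// Added example; GuardedVault and ReentrantCaller are hypothetical names.
contract GuardedVault {
    bool locked;
    mapping(address => uint) public balances;

    modifier noReentrancy() {
        require(!locked);
        locked = true;
        _;
        locked = false;
    }

    function deposit() public payable {
        balances[msg.sender] += msg.value;
    }

    function withdraw() public noReentrancy {
        uint amount = balances[msg.sender];
        balances[msg.sender] = 0; // update state before the external call
        // Empty calldata: this runs the fallback function of msg.sender.
        require(msg.sender.call.value(amount)());
    }
}

// Caller whose fallback tries to re-enter withdraw() mid-execution.
contract ReentrantCaller {
    GuardedVault vault;
    bool public reentryBlocked;

    constructor(GuardedVault _vault) public {
        vault = _vault;
    }

    function run() public payable {
        vault.deposit.value(msg.value)();
        vault.withdraw();
    }

    // Executed by the vault's msg.sender.call.value(amount)().
    function() public payable {
        // `locked` is still true here, so require(!locked) reverts the inner
        // call; a low-level call reports that revert as `false`.
        bool ok = address(vault).call(bytes4(keccak256("withdraw()")));
        reentryBlocked = !ok;
    }
}
```

After run() completes, reentryBlocked reads true: the nested withdraw() was rejected by the mutex while the outer withdraw() still paid out once.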
