Hey there guys, how are you? Can someone help me with this?
I want to do a REENTRANCY on this DEX. How can I change the code of the sell function to steal ETH when somebody wants to sell their tokens through the sell function? https://ethereum.org/en/developers/tutorials/transfers-and-approval-of-erc-20-tokens-from-a-solidity-smart-contract/

The function is this:

    function sell(uint256 amount) public {
        require(amount > 0, "You need to sell at least some tokens");
        uint256 allowance = token.allowance(msg.sender, address(this));
        require(allowance >= amount, "Check the token allowance");
        token.transferFrom(msg.sender, address(this), amount);
        msg.sender.transfer(amount);
        emit Sold(amount);
    }

How to modify this function to make it vulnerable to reentrancy? #PLEASEHELP

trizin
Vadim Chilinciuc

1 Answer

The function you mentioned doesn't use any contract state, so it has good resistance to reentrancy attacks. In general, to enable a function to be abused with a reentrancy attack, you will need to make it change the local state of the contract after an external call. Your function might be changed to something like this:

    mapping(address => uint256) allowances;

    function sell(uint256 amount) public {
        require(amount > 0, "You need to sell at least some tokens");
        require(allowances[msg.sender] >= amount, "Check the token allowance");
        // External calls are made first ...
        msg.sender.transfer(amount);
        token.transferFrom(msg.sender, address(this), amount);
        // ... and the contract state is only updated afterwards (the vulnerable ordering)
        allowances[msg.sender] = allowances[msg.sender].sub(amount);
        emit Sold(amount);
    }

As you can see, here we can re-call the same sell function before the first call has subtracted the amount from the allowances, and thus be able to sell again even if the sender doesn't have a sufficient allowance.

Note: The original function might be exploitable via a cross-contract reentrancy attack since it doesn't check whether the token.transferFrom has succeeded or not, although that seems to be a standard error.

Kaki Master Of Time
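
The mitigation for the ordering problem described in the answer above, as an added example (not code from the answer or from the linked tutorial): the state is updated before any external call, the `transferFrom` result is checked, and a guard rejects nested calls. `HardenedDEX`, `IERC20Minimal`, `locked` and `nonReentrant` are hypothetical names, and how the `allowances` ledger gets credited is not shown in the answer and is left out here.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Hypothetical minimal interface: only the call that sell() needs.
interface IERC20Minimal {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

contract HardenedDEX {
    event Sold(uint256 amount);

    IERC20Minimal public immutable token;
    // Internal ledger as in the answer's variant (crediting logic assumed elsewhere).
    mapping(address => uint256) public allowances;
    bool private locked; // reentrancy guard flag

    constructor(IERC20Minimal _token) payable {
        token = _token;
    }

    // Rejects any nested call into a guarded function.
    modifier nonReentrant() {
        require(!locked, "Reentrant call");
        locked = true;
        _;
        locked = false;
    }

    function sell(uint256 amount) external nonReentrant {
        // Checks
        require(amount > 0, "You need to sell at least some tokens");
        require(allowances[msg.sender] >= amount, "Check the token allowance");

        // Effects: the ledger is reduced before any external call, so a
        // nested call would already see the lower value.
        allowances[msg.sender] -= amount; // checked arithmetic in 0.8, no SafeMath

        // Interactions: pull the tokens and verify the result, then pay out.
        require(token.transferFrom(msg.sender, address(this), amount), "Token transfer failed");
        // Safety here comes from the ordering and the guard, not from the
        // 2300-gas stipend that transfer() forwards.
        (bool ok, ) = payable(msg.sender).call{value: amount}("");
        require(ok, "ETH transfer failed");

        emit Sold(amount);
    }
}
```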