Malicious External Call

// DANGEROUS: Arbitrary external call
function execute(address target, bytes memory data) public onlyOwner {
    target.call(data);  // Can call anything!
}

// DANGEROUS: Unprotected delegatecall
function upgrade(address impl) public {
    impl.delegatecall(abi.encodeWithSignature("initialize()"));
}

// DANGEROUS: Callback to user address
function processPayment(address callback) public {
    // ... payment logic ...
    ICallback(callback).onPayment();  // User controls callback
}

// DANGEROUS: Approve then external call
function swapTokens(address router, uint256 amount) public {
    token.approve(router, type(uint256).max);  // Unlimited approval
    IRouter(router).swap(amount);  // Router is user input
}

// SAFE: Only whitelisted targets
mapping(address => bool) public approvedTargets;

function execute(address target, bytes memory data) public onlyOwner {
    require(approvedTargets[target], "Target not approved");
    target.call(data);
}

// SAFE: Validate callback contract
function processPayment(address callback) public {
    require(callback.code.length > 0, "Not a contract");
    require(trustedCallbacks[callback], "Untrusted callback");
    ICallback(callback).onPayment();
}

// SAFE: Exact approval amount
function swapTokens(address router, uint256 amount) public {
    require(trustedRouters[router], "Untrusted router");
    token.approve(router, amount);  // Exact amount only
    IRouter(router).swap(amount);
    token.approve(router, 0);  // Reset approval
}

{
  "issues": [
    {
      "tag": "external_call",
      "severity": "medium",
      "description": "Arbitrary external call with user-controlled target",
      "location": "execute(address,bytes)"
    },
    {
      "tag": "dangerous_delegatecall",
      "severity": "high",
      "description": "Delegatecall to unvalidated address",
      "location": "upgrade(address)"
    }
  ]
}