From 2897abccc942f7720dcdcda4569fbb6431a0c917 Mon Sep 17 00:00:00 2001 From: Hadrien Croubois Date: Fri, 14 Jul 2023 15:31:29 +0200 Subject: [PATCH] Update ERC721.sol --- contracts/token/ERC721/ERC721.sol | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/contracts/token/ERC721/ERC721.sol b/contracts/token/ERC721/ERC721.sol index 6d775ce02..afb2a0388 100644 --- a/contracts/token/ERC721/ERC721.sol +++ b/contracts/token/ERC721/ERC721.sol @@ -192,10 +192,7 @@ abstract contract ERC721 is Context, ERC165, IERC721, IERC721Metadata, IERC721Er * @dev Returns whether `spender` is allowed to manage `owner`'s tokens, or `tokenId` in * particular (ignoring whether it is owned by `owner`). * - * WARNING: This function doesn't check that `owner` is the actual owner of the specified - * `tokenId`. Moreover, it returns true if `owner == spender` in order to skip the check where - * needed. Consider checking for cases where `spender == address(0)` since they could lead to - * unexpected behavior. + * WARNING: This function doesn't check that `owner` is the actual owner of `tokenId`. */ function _isAuthorized(address owner, address spender, uint256 tokenId) internal view virtual returns (bool) { return @@ -208,7 +205,7 @@ abstract contract ERC721 is Context, ERC165, IERC721, IERC721Metadata, IERC721Er * Reverts if `spender` has not approval for all assets of the provided `owner` nor the actual owner approved the `spender` for the specific `tokenId`. * * WARNING: This function relies on {_isAuthorized}, so it doesn't check whether `owner` is the - * actual owner of `tokenId` and will skip the check if `spender == owner` + * actual owner of `tokenId`. */ function _checkAuthorized(address owner, address spender, uint256 tokenId) internal view virtual { if (!_isAuthorized(owner, spender, tokenId)) {