Closed morsiiik closed 2 months ago
Please check the following false positives:
1) When a token overrides transferFrom and calls super: super.transferFrom(_from, _to, _value) https://arbiscan.io/address/0x00207cdc7b29c9ed857dace7311c713a054185dd
super.transferFrom(_from, _to, _value)
2) Second argument to is not controlled: transferFrom(_fundingAccount, address(this), _amount) https://arbiscan.io/address/0x005906f3bC2d756CdF9e49930BCa4bfB76a80246#code
to
transferFrom(_fundingAccount, address(this), _amount)
3) There is some access control validation, e.g. onlyOwner, you can try to use pattern-sanitizers, example (https://arbiscan.io/address/0x01e9B35785eF3f7Ef2677c371442976bd550f320):
pattern-sanitizers
function pluginTransfer(address _token, address _account, address _receiver, uint256 _amount) external override { _validatePlugin(_account); IERC20(_token).safeTransferFrom(_account, _receiver, _amount); }
Please check the following false positives:
1) When a token overrides transferFrom and calls super:
super.transferFrom(_from, _to, _value)https://arbiscan.io/address/0x00207cdc7b29c9ed857dace7311c713a054185dd2) Second argument
tois not controlled:transferFrom(_fundingAccount, address(this), _amount)https://arbiscan.io/address/0x005906f3bC2d756CdF9e49930BCa4bfB76a80246#code3) There is some access control validation, e.g. onlyOwner, you can try to use
pattern-sanitizers, example (https://arbiscan.io/address/0x01e9B35785eF3f7Ef2677c371442976bd550f320):