raymogg
commented
3 years ago Duplicate of #107
Open code423n4 opened 3 years ago
raymogg
commented
3 years ago Duplicate of #107
loudoguno
commented
3 years ago changed 1 to 0 as per judges sheet
ninek9
commented
3 years ago opened and removed duplicate label per judge.
Handle
JMukesh
Vulnerability details
Impact
Due lack of input validation for receiptId in claimEscrow() it accept any receiptId . Invalid receiptId will pass this condition which make this require() useless becaues by default receipt.escrowClaimed will be false for invalid Id
require(!receipt.escrowClaimed, "LIQ: Escrow claimed");
Proof of Concept
https://github.com/code-423n4/2021-06-tracer/blob/74e720ee100fd027c592ea44f272231ad4dfa2ab/src/contracts/Liquidation.sol#L109
Tools Used
manual review
Recommended Mitigation Steps
add condition to check that id is in valid range