Handle
heiho1
Vulnerability details
Impact
Router._handleTransferIn(address,uint256,address) ignores the boolean return value of the token transfers on lines 203 and 207. This is a brittle implementation because it relies on the return value being hard-coded to true. Tokens may return false instead of reverting, and this could cause unexpected transfer results.
Proof of Concept
https://github.com/code-423n4/2021-07-spartan/blob/e2555aab44d9760fdd640df9095b7235b70f035e/contracts/Router.sol#L203
Tools Used
Slither
Recommended Mitigation Steps
There is no particular disadvantage to a `require(success, "!transfer")` check.
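The difference the check makes, as an added example that is not code from Spartan's Router.sol: a constructed token that returns false on failure, and a deposit function with and without the recommended `require`. The names `IToken`, `FalseReturningToken`, `TransferInDemo`, `depositUnchecked` and `depositChecked` are hypothetical, and allowances are omitted to keep the mock short.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration; all names are hypothetical, not the audited contract's.
interface IToken {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Constructed token that signals failure by returning false instead of reverting.
contract FalseReturningToken is IToken {
    mapping(address => uint256) public balanceOf;

    function mint(address to, uint256 amount) external { balanceOf[to] += amount; }

    function transferFrom(address from, address to, uint256 amount) external override returns (bool) {
        if (balanceOf[from] < amount) return false; // failure is reported, not reverted
        balanceOf[from] -= amount;
        balanceOf[to] += amount;
        return true;
    }
}

contract TransferInDemo {
    mapping(address => uint256) public credited; // internal accounting per depositor

    // Pattern flagged in the report: the bool is dropped, so a transfer that
    // returned false still credits the caller with tokens that never arrived.
    function depositUnchecked(IToken token, uint256 amount) external {
        token.transferFrom(msg.sender, address(this), amount);
        credited[msg.sender] += amount;
    }

    // Recommended mitigation: revert unless the token reports success.
    function depositChecked(IToken token, uint256 amount) external {
        bool success = token.transferFrom(msg.sender, address(this), amount);
        require(success, "!transfer");
        credited[msg.sender] += amount;
    }
}
```

With a zero token balance, `depositUnchecked(token, 100)` completes and sets `credited` to 100, while `depositChecked(token, 100)` reverts with `!transfer`. Tokens that return no value at all need a wrapper such as OpenZeppelin's SafeERC20 rather than a plain boolean check.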