code-423n4 / 2021-11-nested-findings


nonReentrant modifier isn't necessary for releaseToken function #187

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Handle

defsec

Vulnerability details

Impact

The modifier is not necessary on the function.

Proof of Concept

  1. Navigate to the following contract code.

https://github.com/code-423n4/2021-11-nested/blob/5d113967cdf7c9ee29802e1ecb176c656386fe9b/contracts/FeeSplitter.sol#L116

Tools Used

None

Recommended Mitigation Steps

Consider deleting the redundant nonReentrant modifier.

adrien-supizet commented 2 years ago

It is necessary here as the external call could be to a malicious token, which tries to empty the balance due to all shareholders.

It is rather non-critical as this token would probably not hold much value. But this is still a security issue.

alcueca commented 2 years ago

Deep in there, there is a call to token.balanceOf, dispute accepted.
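Added illustration of the point made in the two replies above (a token contract is called twice, through balanceOf and through transfer, so a malicious token can re-enter between them). This is not the Nested FeeSplitter's code: it is a hypothetical splitter with assumed share accounting, showing why the guard must stay even though state is updated before the transfer.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

interface IERC20 {
    function balanceOf(address account) external view returns (uint256);
    function transfer(address to, uint256 amount) external returns (bool);
}

/// Hypothetical splitter (not the Nested contract): each shareholder can pull
/// its share of every token the contract has ever received. Both external calls
/// below go to the token, whose code an attacker may control.
contract ExampleSplitter {
    uint256 private _status = 1;                       // 1 = idle, 2 = entered
    mapping(address => uint256) public shares;         // holder => basis points
    mapping(address => uint256) public totalReleased;  // token => total paid out
    mapping(address => mapping(address => uint256)) public released; // token => holder => paid

    modifier nonReentrant() {
        require(_status == 1, "ReentrancyGuard: reentrant call");
        _status = 2;
        _;
        _status = 1;
    }

    constructor(address[] memory holders, uint256[] memory bps) {
        require(holders.length == bps.length, "length mismatch");
        for (uint256 i = 0; i < holders.length; i++) shares[holders[i]] = bps[i];
    }

    function releaseToken(IERC20 token, address holder) external nonReentrant {
        address t = address(token);
        // External call 1: a malicious token runs arbitrary code in balanceOf.
        uint256 totalReceived = token.balanceOf(address(this)) + totalReleased[t];
        uint256 due = (totalReceived * shares[holder]) / 10_000 - released[t][holder];
        require(due > 0, "nothing due");
        // Effects before the interaction (checks-effects-interactions).
        released[t][holder] += due;
        totalReleased[t] += due;
        // External call 2: without nonReentrant, a token whose transfer() re-enters
        // releaseToken still sees the old balance (the transfer has not completed),
        // so totalReceived is overstated by `due` and the holder is paid again.
        // With the guard, the re-entering call hits _status == 2 and reverts.
        require(token.transfer(holder, due), "transfer failed");
    }
}
```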