code-423n4 / 2022-01-dev-test-repo-findings


Unsafe use of `approve()` with `IERC20` #368

Open code423n4 opened 7 months ago


Lines of code


321, 215, 184, 450, 761, 217, 157, 234, 339, 386, 76, 106, 107, 108, 172, 174, 79, 80, 81, 143, 144, 80, 134, 135, 94, 151, 153

Vulnerability details


Some tokens do not implement the ERC20 standard properly but are still accepted by most code that accepts ERC20 tokens. For example, Tether (USDT)'s approve() on L1 does not return a boolean as the specification requires and instead has no return value. When these sorts of tokens are cast to IERC20, their function signatures do not match and therefore the calls made revert (see this link for a test case). Use OpenZeppelin's SafeERC20 safeApprove() instead.

File: contracts/Balancer.sol

321:         erc20.approve(address(router), _amount);
File: contracts/tOFT/modules/BaseTOFTLeverageModule.sol

215:         IERC20(erc20).approve(externalData.swapper, amount);
File: contracts/tOFT/modules/BaseTOFTStrategyModule.sol

184:         _erc20.approve(address(yieldBox), _amount);
File: contracts/markets/bigBang/BigBang.sol

450:             asset.approve(address(yieldBox), totalFees);

761:         asset.approve(address(yieldBox), amount);
File: contracts/usd0/modules/USDOLeverageModule.sol

217:         IERC20(swapData.tokenOut).approve(externalData.tOft, amountOut);
File: contracts/Magnetar/modules/MagnetarMarketModule.sol

157              IERC20(collateralAddress).approve(
158                  address(yieldBox),
159                  collateralAmount
160:             );

234:             IERC20(assetAddress).approve(address(yieldBox), depositAmount);

339                  IERC20(bbCollateralAddress).approve(
340                      address(yieldBox),
341                      mintData.collateralDepositData.amount
342:                 );

386              IERC20(sglAssetAddress).approve(
387                  address(yieldBox),
388                  depositData.amount
389:             );
File: contracts/aave/AaveStrategy.sol

76:          rewardToken.approve(_multiSwapper, type(uint256).max);
File: contracts/convex/ConvexTricryptoStrategy.sol

106:         lpToken.approve(_lpGetter, type(uint256).max);

107:         lpToken.approve(_booster, type(uint256).max);

108:         rewardToken.approve(_multiSwapper, type(uint256).max);

172:         rewardToken.approve(address(swapper), 0);

174:         rewardToken.approve(_swapper, type(uint256).max);
File: contracts/curve/TricryptoLPStrategy.sol

79:          lpToken.approve(_lpGauge, type(uint256).max);

80:          lpToken.approve(_lpGetter, type(uint256).max);

81:          rewardToken.approve(_multiSwapper, type(uint256).max);

143:         rewardToken.approve(address(swapper), 0);

144:         rewardToken.approve(_swapper, type(uint256).max);
File: contracts/curve/TricryptoNativeStrategy.sol

80:          rewardToken.approve(_multiSwapper, type(uint256).max);

134:         rewardToken.approve(address(swapper), 0);

135:         rewardToken.approve(_swapper, type(uint256).max);
File: contracts/stargate/StargateStrategy.sol

94:          stgTokenReward.approve(_swapper, type(uint256).max);

151:         stgTokenReward.approve(address(swapper), 0);

153:         stgTokenReward.approve(_swapper, type(uint256).max);
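The following is an added illustration, not code from the finding or from the audited repository. It shows the failure mode in isolation: a constructed USDT-style mock whose approve() returns nothing, a contract that approves through the IERC20 cast exactly as the flagged lines do (and reverts against that mock because the compiler expects 32 bytes of return data for the bool), and a hardened version that tolerates both return conventions. The TolerantApprove library is a hypothetical stand-in for OpenZeppelin's SafeERC20 logic; its forceApprove() also covers the reset-to-zero quirk that the strategies above already work around with `approve(address(swapper), 0)`, since OpenZeppelin's older safeApprove() reverts when moving a non-zero allowance to another non-zero value and newer releases provide forceApprove() for that case.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

interface IERC20 {
    function approve(address spender, uint256 value) external returns (bool);
}

/// Constructed mock of a USDT-style token: approve() returns nothing and
/// refuses to move a non-zero allowance straight to another non-zero value.
contract NoReturnToken {
    mapping(address => mapping(address => uint256)) public allowance;

    function approve(address spender, uint256 value) external {
        require(value == 0 || allowance[msg.sender][spender] == 0, "reset allowance to 0 first");
        allowance[msg.sender][spender] = value;
    }
}

/// Same shape as the flagged calls: cast to IERC20 and call approve() directly.
contract UnsafeApprover {
    function setAllowance(address token, address spender, uint256 amount) external {
        // Against NoReturnToken this reverts: the high-level call tries to
        // ABI-decode a bool from empty return data.
        IERC20(token).approve(spender, amount);
    }
}

/// Hypothetical minimal equivalent of OpenZeppelin's SafeERC20 approve handling.
library TolerantApprove {
    bytes4 private constant APPROVE_SELECTOR = IERC20.approve.selector;

    /// True if the call did not revert and either returned nothing or returned `true`.
    function tryApprove(address token, address spender, uint256 value) internal returns (bool) {
        (bool ok, bytes memory ret) = token.call(abi.encodeWithSelector(APPROVE_SELECTOR, spender, value));
        return ok && (ret.length == 0 || abi.decode(ret, (bool)));
    }

    /// Approve, and if the token rejects a non-zero -> non-zero change, reset to 0 and retry.
    function forceApprove(address token, address spender, uint256 value) internal {
        // A low-level call to an EOA "succeeds" with empty return data, which the
        // empty-return tolerance above would otherwise mistake for a USDT-style token.
        require(token.code.length > 0, "token is not a contract");
        if (!tryApprove(token, spender, value)) {
            require(tryApprove(token, spender, 0), "approve reset failed");
            require(tryApprove(token, spender, value), "approve failed");
        }
    }
}

/// Hardened counterpart of UnsafeApprover.
contract SafeApprover {
    using TolerantApprove for address;

    function setAllowance(address token, address spender, uint256 amount) external {
        token.forceApprove(spender, amount);
    }
}
```

Deploying NoReturnToken and calling UnsafeApprover.setAllowance against it reverts, while SafeApprover.setAllowance succeeds, both for a fresh allowance and when an existing non-zero allowance has to be changed. The contract-existence check matters because the tolerance for empty return data is exactly what lets a call to a non-contract address look like success.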

Assessed type

other