search

code-423n4 / 2022-01-sandclock-findings

0 stars 0 forks source link

Missing Re-entrancy Guard #184

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Handle

defsec

Vulnerability details

Impact

The re-entrancy guard is missing on the Eth anchor interaction. The external router interaction can cause to the re-entrancy vulnerability.

Proof of Concept

  1. Navigate to the following contract.
    function finishDepositStable(uint256 idx) external {
        require(depositOperations.length > idx, "not running");
        Operation storage operation = depositOperations[idx];
        ethAnchorRouter.finishDepositStable(operation.operator);

        pendingDeposits -= operation.amount;
        convertedUst += operation.amount;

        operation.operator = depositOperations[depositOperations.length - 1]
            .operator;
        operation.amount = depositOperations[depositOperations.length - 1]
            .amount;
        depositOperations.pop();
    }

Tools Used

Code Review

Recommended Mitigation Steps

Follow the check effect interaction pattern or put re-entrancy guard.

naps62 commented 2 years ago

this is a duplicate. can't find the original right now, but there's been a bunch of reports regarding reentrancy overall

dmvt commented 2 years ago

duplicate of #3