Closed code423n4 closed 2 years ago

Lines of code
https://github.com/code-423n4/2022-04-jpegd/blob/main/contracts/vaults/FungibleAssetVaultForDAO.sol#L201

Vulnerability details

Impact
FungibleAssetVaultForDAO.sol::withdraw() uses Solidity's transfer, which has a hardcoded gas budget. It is unsafe to use and may lead to unintentional consequences.

Proof of Concept
FungibleAssetVaultForDAO.sol#L201

if (collateralAsset == ETH) payable(msg.sender).transfer(amount);

Recommendation
Using Solidity's low-level call with the corresponding result check, or using the OpenZeppelin Address.sendValue, is advised.

Tools Used
Manual.
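The recommendation above in working form, as an added example that is not part of the report or of the jpeg'd code base: a minimal ETH vault (hypothetical names EthVaultExample and GasHungryReceiver) that shows the flagged transfer() pattern beside the two suggested replacements. transfer() forwards only a 2300 gas stipend, so a recipient whose receive() writes storage (a multisig, a smart-contract wallet, a proxy) cannot withdraw at all. The low-level call and Address.sendValue forward all remaining gas, which re-enables reentrancy, so the example updates balances before the external call and adds a reentrancy guard. Import paths assume OpenZeppelin Contracts v4.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Assumed OpenZeppelin v4 paths (v5 moved ReentrancyGuard to utils/).
import "@openzeppelin/contracts/utils/Address.sol";
import "@openzeppelin/contracts/security/ReentrancyGuard.sol";

/// Illustrative vault, not the jpeg'd contract: the flagged pattern next to
/// the two recommended replacements.
contract EthVaultExample is ReentrancyGuard {
    mapping(address => uint256) public balances;

    function deposit() external payable {
        balances[msg.sender] += msg.value;
    }

    // Pattern flagged in the report. transfer() forwards a fixed 2300 gas
    // stipend, so any recipient whose receive()/fallback() needs more gas
    // (storage write, delegatecall to an implementation, ...) makes this
    // call revert, and that recipient can never withdraw.
    function withdrawWithTransfer(uint256 amount) external {
        balances[msg.sender] -= amount; // reverts on underflow in 0.8.x
        payable(msg.sender).transfer(amount);
    }

    // Recommended form: low-level call with an explicit result check.
    // call forwards all remaining gas, so the recipient can re-enter;
    // the balance is updated before the external call
    // (checks-effects-interactions) and the function is nonReentrant.
    function withdrawWithCall(uint256 amount) external nonReentrant {
        balances[msg.sender] -= amount;
        (bool ok, ) = payable(msg.sender).call{value: amount}("");
        require(ok, "ETH transfer failed");
    }

    // Same thing via OpenZeppelin's Address.sendValue, which performs the
    // call and reverts on failure, so no separate result check is needed.
    function withdrawWithSendValue(uint256 amount) external nonReentrant {
        balances[msg.sender] -= amount;
        Address.sendValue(payable(msg.sender), amount);
    }
}

/// Constructed recipient whose receive() needs more than 2300 gas.
/// withdrawWithTransfer reverts for it; withdrawWithCall and
/// withdrawWithSendValue succeed.
contract GasHungryReceiver {
    uint256 public received;

    receive() external payable {
        // An SSTORE costs well over 2300 gas, so transfer() cannot pay for it.
        received += msg.value;
    }
}
```

Deploying both contracts and calling deposit() from GasHungryReceiver, then each withdraw variant, reproduces the failure mode: only the transfer() path reverts.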
Duplicate of #39
See comment on #39. This is a QA issue.