Open code423n4 opened 2 years ago
Duplicate of #190
dup https://github.com/code-423n4/2022-06-connext-findings/issues/190
Missing validation for the return value of the price oracle
Lines of code
https://github.com/code-423n4/2022-06-connext/blob/main/contracts/contracts/core/connext/helpers/ConnextPriceOracle.sol#L125
Vulnerability details
Impact
The price feed must be checked if the data is really updated or not.
Proof of Concept
https://github.com/code-423n4/2022-06-connext/blob/main/contracts/contracts/core/connext/helpers/ConnextPriceOracle.sol#L125
Tools Used
code review
Recommended Mitigation Steps
Add the following validations.
(uint80 roundId, int256 answer, , uint256 updatedAt, uint80 answeredInRound) = oracle.latestRoundData();
require(answeredInRound >= roundId, "error message");
require(updatedAt > 0, "error message");
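The two checks recommended above, placed in a self-contained reader contract. This is an added example, not code from the report or from ConnextPriceOracle. The contract name `ValidatedPriceReader`, the `maxAge` window, the revert strings, and the extra sign and age checks are assumptions that go beyond what the report asks for.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Chainlink aggregator interface, reduced to the one call used here.
interface AggregatorV3Interface {
  function latestRoundData()
    external
    view
    returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
}

// Hypothetical helper for illustration; not part of the Connext code base.
contract ValidatedPriceReader {
  AggregatorV3Interface public immutable feed;
  // Assumption: maximum accepted age of an answer, in seconds,
  // chosen by the deployer to match the feed's update interval.
  uint256 public immutable maxAge;

  constructor(AggregatorV3Interface _feed, uint256 _maxAge) {
    feed = _feed;
    maxAge = _maxAge;
  }

  // Returns the latest price, reverting instead of returning unvalidated data.
  function readPrice() external view returns (uint256) {
    (uint80 roundId, int256 answer, , uint256 updatedAt, uint80 answeredInRound) = feed.latestRoundData();

    // Checks recommended in the report.
    require(updatedAt > 0, "round not complete");
    require(answeredInRound >= roundId, "stale round");

    // Added assumptions: reject non-positive answers before the cast to
    // uint256, and reject answers older than maxAge. A timestamp in the
    // future makes the subtraction revert under 0.8 checked arithmetic,
    // so that case fails closed as well.
    require(answer > 0, "invalid price");
    require(block.timestamp - updatedAt <= maxAge, "price too old");

    return uint256(answer);
  }
}
```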