Closed code423n4 closed 1 year ago
In case the proxy is self-destructed or an error is made by the owner, the call should do nothing. Also there is already a check here assuming the owner behaves correctly.
Picodes changed the severity to QA (Quality Assurance)
0xhiroshi marked the issue as sponsor disputed
Picodes marked the issue as grade-c
Lines of code
https://github.com/code-423n4/2022-11-looksrare/blob/e3b2c053f722b0ca2dce3a3eb06f64859b8b7a6f/contracts/LooksRareAggregator.sol#L88-L101
Vulnerability details
Impact
Buyers can set the bool flag isAtomic to disable partial executions. But if the proxy address doesn't exist (e.g. a previously approved valid proxy was selfdestructed or owner approved the wrong address by mistake), the delegatecall to this non-existent proxy will return true (delegatecall does not rethrow exceptions to their caller), therefore even if isAtomic is set to true the execute function will not revert and partial executions will go through.
Proof of Concept
The following test expects a revert as we are calling execute with a valid trade, isAtomic flag set, but on a non-existent proxy. But as discussed above, it does not revert and the test fails.
Recommended Mitigation Steps
Please consider adding a check for proxy existence before calling delegatecall.
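The existence check recommended above, shown as an added example that is not part of the original report and is not LooksRareAggregator code. The contract name, function names and custom errors are hypothetical. The unchecked form sits beside the hardened form so the difference in behaviour on a code-less proxy address is visible.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Added illustration; all names here are hypothetical, not the project's own.
contract DelegatecallExistenceDemo {
    error ProxyHasNoCode(address proxy);
    error TradeExecutionFailed();

    // Unchecked form: a low-level delegatecall to an address that holds no
    // code reports success, so the isAtomic revert below is never reached.
    function executeUnchecked(address proxy, bytes calldata data, bool isAtomic)
        external
        returns (bool success)
    {
        (success, ) = proxy.delegatecall(data);
        if (!success && isAtomic) revert TradeExecutionFailed();
    }

    // Hardened form: refuse to delegatecall when the target has no runtime
    // code, then treat a failed call as fatal when the buyer asked for atomicity.
    function executeChecked(address proxy, bytes calldata data, bool isAtomic)
        external
        returns (bool success)
    {
        if (proxy.code.length == 0) revert ProxyHasNoCode(proxy);

        bytes memory returnData;
        (success, returnData) = proxy.delegatecall(data);

        if (!success && isAtomic) {
            // Bubble up the proxy's own revert data when it returned any.
            if (returnData.length == 0) revert TradeExecutionFailed();
            assembly {
                revert(add(returnData, 0x20), mload(returnData))
            }
        }
    }
}
```

Calling executeChecked with an address that has no deployed code reverts with ProxyHasNoCode regardless of isAtomic, whereas executeUnchecked returns true for the same input.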