code-423n4 / 2022-11-redactedcartel-findings


Reentrancy potential #389

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2022-11-redactedcartel/blob/main/src/vaults/AutoPxGmx.sol#L315
https://github.com/code-423n4/2022-11-redactedcartel/blob/main/src/vaults/AutoPxGmx.sol#L339
https://github.com/code-423n4/2022-11-redactedcartel/blob/main/src/PirexGmx.sol#L824

Vulnerability details

Impact

A reentrancy attack could be performed and can result in an exploit and loss of funds.

Proof of Concept

https://github.com/code-423n4/2022-11-redactedcartel/blob/main/src/vaults/AutoPxGmx.sol#L339
https://github.com/code-423n4/2022-11-redactedcartel/blob/main/src/vaults/AutoPxGmx.sol#L315
https://github.com/code-423n4/2022-11-redactedcartel/blob/main/src/PirexGmx.sol#L824

Tools Used

Manual review

Recommended Mitigation Steps

Use the nonReentrant modifier imported from solmate/utils/ReentrancyGuard.sol.

c4-judge commented 1 year ago

Picodes marked the issue as unsatisfactory: Invalid