search

code-423n4 / 2023-01-drips-findings

0 stars 2 forks source link

Calculating function for ERC-1967 slot pointer is not hashing right with abi.encode #135

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-01-drips/blob/9fd776b50f4be23ca038b1d0426e63a69c7a511d/src/Managed.sol#L137

Vulnerability details

Impact

_erc1967Slot function is called in 4 files but is not encoded correctly.

Proof of Concept

bytes32(uint256(keccak256(bytes(name))) - 1); should be written as bytes32(uint256(keccak256(abi.encode(bytes(name)))) - 1);

Tools Used

Manual Review

Recommended Mitigation Steps

Wrap it with abi.encode to ensure it is a right hashing

GalloDaSballo commented 1 year ago

Lacks proof https://ethereum.stackexchange.com/questions/9142/how-to-convert-a-string-to-bytes32

c4-judge commented 1 year ago

GalloDaSballo marked the issue as unsatisfactory: Insufficient proof