search

code-423n4 / 2023-05-ajna-findings

2 stars 0 forks source link

tokenURI function: IPool(poolKey[tokenId_]) should be checked if exists before creating a new NFT position. #374

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-05-ajna/blob/276942bc2f97488d07b887c8edceaaab7a5c3964/ajna-core/src/PositionManager.sol#L522 https://github.com/code-423n4/2023-05-ajna/blob/276942bc2f97488d07b887c8edceaaab7a5c3964/ajna-core/src/PositionManager.sol#L523

Vulnerability details

[H-03]

tokenURI function: IPool(poolKey[tokenId_]) should be checked if exists before creating a new NFT position.

Vulnerability Details

IPool(poolKey[tokenId_]) should be checked if exists before creating a new NFT position since this will overwrite the existing pool for the same NFT.

Impact

IPool(poolKey[tokenId_]) should be checked if exists before creating a new NFT position since this will overwrite the existing pool for the same NFT.

Proof of Concept

Instances: 2

File: 2023-05-ajna/ajna-core/src/PositionManager.sol
Line 522: address collateralTokenAddress = IPool(poolKey[tokenId_]).collateralAddress();
Line 523: address quoteTokenAddress      = IPool(poolKey[tokenId_]).quoteTokenAddress();

Tools Used

Manual Testing.

Recommended Mitigation Steps

IPool(poolKey[tokenId_]) must be checked if exists to prevent overwriting the existing pool.

Assessed type

Other

c4-judge commented 1 year ago

Picodes marked the issue as unsatisfactory: Overinflated severity