Open code423n4 opened 1 year ago
141345 marked the issue as low quality report
need to recheck the POC validity
maybe QA is more appropriate
141345 marked the issue as duplicate of #199
alcueca changed the severity to QA (Quality Assurance)
alcueca marked the issue as grade-a
Lines of code
https://github.com/code-423n4/2023-07-basin/blob/f15fe66d57c2f226c232685d16f297e54bcc0939/src/libraries/LibWellConstructor.sol#L71-L81
Vulnerability details
Impact
Writing this
does not copy the content of name in symbol; what it does is copy the POINTER to the place where the name is stored. Thus, one change in one of them leads to the other pointing to the "updated" variable, breaking the working process of the function and passing wrong arguments to the init function (so the high severity).
Proof of Concept
From Jean Cvllr's awesome tutorials about data locations we have
(you can read the Yellow paper too but the above is more user-friendly). That means the next code does the same to the two variables because both point to the same place, so one change will affect the other the same way
Because of that, the
initFunctionCall = abi.encodeWithSignature("init(string,string)", name, symbol);
is broken given the fact that name and symbol are the same.
Tools Used
Manual analysis
Recommended Mitigation Steps
Use local variables instead of memory references/pointers
Assessed type
Error
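The memory-reference behaviour discussed in this report can be checked directly. The contract below is an added example, not part of the original submission or of the Basin code base; the contract name, function names and the "WETH" sample value are hypothetical. It compares the raw memory pointers of two string variables after an assignment, after an in-place write, after a `string.concat` reassignment, and after an explicit copy.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.12;

// Added illustration, not Basin code. All names here are hypothetical.
contract MemoryAliasDemo {
    // True when both variables hold the same memory pointer.
    function sameBuffer(string memory x, string memory y) internal pure returns (bool same) {
        assembly { same := eq(x, y) }
    }

    // Case 1: memory-to-memory assignment followed by an in-place write.
    // The write goes through the shared pointer, so both variables observe it.
    function aliasThenWriteInPlace() external pure
        returns (bool aliased, string memory name, string memory symbol)
    {
        name = "WETH";                       // constructed sample value
        symbol = name;                       // copies the pointer, not the bytes
        aliased = sameBuffer(name, symbol);
        bytes(symbol)[0] = bytes1("X");      // mutates the buffer both point to
    }

    // Case 2: memory-to-memory assignment followed by reassignment.
    // string.concat allocates a new string, and the assignment repoints
    // symbol at it; the buffer that name points to is not written.
    function aliasThenConcat() external pure
        returns (bool aliasedBefore, bool aliasedAfter, string memory name, string memory symbol)
    {
        name = "WETH";
        symbol = name;
        aliasedBefore = sameBuffer(name, symbol);
        symbol = string.concat(symbol, "w");
        aliasedAfter = sameBuffer(name, symbol);
    }

    // Case 3: explicit copy, so a later in-place write cannot reach the original.
    function copyThenWriteInPlace() external pure
        returns (bool aliased, string memory name, string memory symbol)
    {
        name = "WETH";
        symbol = string.concat(name);        // fresh allocation holding the same bytes
        aliased = sameBuffer(name, symbol);
        bytes(symbol)[0] = bytes1("X");      // only the copy is modified
    }
}
```

Calling the three functions from a test harness and comparing the returned flags and strings shows which operations share a buffer and which allocate a new one.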