search

code-423n4 / 2023-08-goodentry-findings

3 stars 2 forks source link

`initiator` in `OptionsPositionManager.executeOperation` is not checked #561

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-08-goodentry/blob/main/contracts/PositionManager/OptionsPositionManager.sol#L42

Vulnerability details

Impact

An attacker can execute flashloan pretending to be other user.

Proof of Concept

LendigPool.flashloan sends which user called in the parameter initiator, but it is not used in executeOperation. https://github.com/GoodEntry-io/GoodEntryMarkets/blob/master/contracts/protocol/lendingpool/LendingPool.sol.0x20#L647

Tools Used

Manual review.

Recommended Mitigation Steps

Check if initiator == user.

Assessed type

Other

c4-pre-sort commented 1 year ago

141345 marked the issue as duplicate of #110

c4-judge commented 1 year ago

gzeon-c4 marked the issue as unsatisfactory: Invalid