code-423n4 / 2023-08-reserve-mitigation-findings


H-01 MitigationConfirmed #7

Open code423n4 opened 1 year ago

code423n4 commented 1 year ago

Lines of code

Vulnerability details

Comments

The mitigation puts the original assetRegistry.toAsset try/catch block in the beginning loop, so that only the registered coll asset can be saved in the erc20sAll / collsAll / refAmtsAll arrays:

try assetRegistry.toAsset(b.erc20s[j]) returns (IAsset asset) {
    if (!asset.isCollateral()) continue; // skip token if not collateral
    erc20sAll[len] = b.erc20s[j];
    collsAll[len] = ICollateral(address(asset));

    // {ref} = {1} * {ref}
    refAmtsAll[len] = amt;
    ++len;
}

The quoteCustomRedemption function won't revert because of array index out-of-bounds.

c4-judge commented 1 year ago

0xean marked the issue as satisfactory

c4-judge commented 1 year ago

0xean marked the issue as confirmed for report