search

code-423n4 / 2023-09-delegate-findings

2 stars 1 forks source link

Failure to Return Value from Low-Level Call #299

Closed c4-submissions closed 11 months ago

c4-submissions commented 11 months ago

Lines of code

https://github.com/delegatexyz/delegate-registry/blob/6d1254de793ccc40134f9bec0b7cb3d9c3632bc1/src/DelegateRegistry.sol#L155

Vulnerability details

In Solidity, the "low-level call" operation, often used with inline assembly, is a powerful tool for interacting with external contracts. However, there is a specific bug related to low-level calls that can result in unexpected behavior.

Instances (1):

https://github.com/delegatexyz/delegate-registry/blob/6d1254de793ccc40134f9bec0b7cb3d9c3632bc1/src/DelegateRegistry.sol#L155C7-L157C10

File: example/DelegateRegistry.sol

155. assembly ("memory-safe") {
            let result := call(gas(), sc, selfbalance(), 0, 0, 0, 0)
        }

Assessed type

Other

GalloDaSballo commented 11 months ago

QA, sent as med, from self-contained functin, closing

c4-judge commented 11 months ago

GalloDaSballo marked the issue as unsatisfactory: Overinflated severity