code-423n4 / 2023-09-delegate-findings


Return value of ETH #361

Closed c4-submissions closed 10 months ago

c4-submissions commented 10 months ago

Lines of code

https://github.com/delegatexyz/delegate-registry/blob/6d1254de793ccc40134f9bec0b7cb3d9c3632bc1/src/DelegateRegistry.sol#L155-L158

Vulnerability details

Impact

It is recommended that the return values of ether transfers be checked; however, if the transfer to the hardcoded address fails, it does not revert.

Proof of Concept

        uint256 sc = uint256(uint160(0x0000000000000000000000000000000000000000));
        assembly ("memory-safe") {
            let result := call(gas(), sc, selfbalance(), 0, 0, 0, 0)
        }
    }

The return value is unchecked, even though it is cached in the function.

Tools Used

Manual Review

Recommended Mitigation Steps

Require that the result is true. Update the function with:

        // Declared in Solidity so it is still in scope for require() after the assembly block
        bool result;
        assembly ("memory-safe") {
            result := call(gas(), sc, selfbalance(), 0, 0, 0, 0)
        }
        require(result, "Transfer FAILED");
    }

Assessed type

ETH-Transfer
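An added example, not part of the submission or the project's code: a small heuristic static check that flags inline-assembly `call` results that are stored but never read, the pattern this report describes. The wrapper function `f`, the sample inputs and the regex-based parsing are assumptions made for illustration; it goes slightly beyond the report by also accepting a Yul-level `if iszero(result) { revert(0, 0) }` check.

```python
import re

ASSEMBLY_RE = re.compile(r'assembly\s*(?:\([^)]*\))?\s*\{')
CALL_RE = re.compile(r'(let\s+)?(\w+)\s*:=\s*call\s*\(')

def assembly_blocks(src):
    """Yield (start, end) offsets of each inline-assembly body, by brace matching."""
    for m in ASSEMBLY_RE.finditer(src):
        depth, i = 1, m.end()
        while i < len(src) and depth:
            depth += {'{': 1, '}': -1}.get(src[i], 0)
            i += 1
        yield m.end(), i - 1

def unchecked_calls(src):
    """Return [(line, variable)] for call() results that are stored but never read."""
    findings = []
    for start, end in assembly_blocks(src):
        for m in CALL_RE.finditer(src, start, end):
            name = m.group(2)
            # A `let` binding lives only inside the assembly block; a Solidity local
            # assigned from assembly may be read later (approximated as "rest of file").
            scope_end = end if m.group(1) else len(src)
            eol = src.find('\n', m.end())
            rest = src[eol if eol != -1 else m.end():scope_end]
            if not re.search(r'\b' + re.escape(name) + r'\b', rest):
                findings.append((src.count('\n', 0, m.start()) + 1, name))
    return findings

# Constructed inputs: the wrapper function `f` is hypothetical.
CALL = 'call(gas(), sc, selfbalance(), 0, 0, 0, 0)'
UNCHECKED = ('function f() external {\n'
             '    assembly ("memory-safe") {\n'
             '        let result := ' + CALL + '\n'
             '    }\n'
             '}\n')
CHECKED_YUL = UNCHECKED.replace(CALL + '\n', CALL + '\n        if iszero(result) { revert(0, 0) }\n')
CHECKED_SOL = ('function f() external {\n'
               '    bool ok;\n'
               '    assembly ("memory-safe") {\n'
               '        ok := ' + CALL + '\n'
               '    }\n'
               '    require(ok, "Transfer FAILED");\n'
               '}\n')

if __name__ == '__main__':
    for label, src in [('unchecked', UNCHECKED), ('yul check', CHECKED_YUL), ('solidity check', CHECKED_SOL)]:
        print(label, unchecked_calls(src))
```

The check ignores comments and strings when matching braces, so treat its output as a triage list for manual review.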

c4-judge commented 10 months ago

GalloDaSballo marked the issue as unsatisfactory: Overinflated severity

GalloDaSballo commented 10 months ago

Function is self contained, sent as Med, Overly inflated