c4-pre-sort
commented
8 months ago 141345 marked the issue as insufficient quality report
Closed c4-bot-7 closed 8 months ago
c4-pre-sort
commented
8 months ago 141345 marked the issue as insufficient quality report
c4-judge
commented
8 months ago 0xean marked the issue as unsatisfactory: Insufficient quality
Lines of code
https://github.com/re-nft/smart-contracts/blob/3ddd32455a849c3c6dc3c3aad7a33a6c9b44c291/src/policies/Stop.sol#L348
Vulnerability details
Impact
If there are no hooks to process, the current code does not explicitly handle this scenario. Without a revert , the condition might not be working as intended.
Proof of Concept
there is apotential issue in the stopRent function of the stop.sol contract. In the specific section where hooks are processed: https://github.com/re-nft/smart-contracts/blob/3ddd32455a849c3c6dc3c3aad7a33a6c9b44c291/src/policies/Stop.sol#L348C1-L348C1
if (order.hooks.length > 0) { _removeHooks(order.hooks, order.items, order.rentalWallet); } It appears that there is no revert parameter if the logic order.hooks.length is equal to or less than 0. This means the function might proceed without handling this case.
Tools Used
Recommended Mitigation Steps
Add revert param after if
Assessed type
Other