search

code-423n4 / 2024-02-wise-lending-findings

11 stars 8 forks source link

Function Signature Collision (Ambiguity in Function Invocation) #224

Closed c4-bot-2 closed 5 months ago

c4-bot-2 commented 5 months ago

Lines of code

https://github.com/code-423n4/2024-02-wise-lending/blob/79186b243d8553e66358c05497e5ccfd9488b5e2/contracts/WiseLending.sol#L636 https://github.com/code-423n4/2024-02-wise-lending/blob/79186b243d8553e66358c05497e5ccfd9488b5e2/contracts/WrapperHub/AaveHub.sol#L238

Vulnerability details

Impact

Two functions with the same name and parameter types are defined in different contracts(WiseLending.sol and AaveHub.sol), leading to ambiguity in function invocation.

When invoking a function with the shared name and parameter types, Solidity cannot uniquely identify which function to call based solely on the function signature. This ambiguity may result in unintended behavior or errors during function execution.

Proof of Concept

In foundry, use

``

Tools Used

Manual review and foundry

Recommended Mitigation Steps

To avoid ambiguity in function invocation, use distinct function names or parameter types for functions located in different contracts. Alternatively, consider varying the function's visibility or state mutability along with the parameter types to achieve function overloading if necessary.

Assessed type

Other

c4-pre-sort commented 5 months ago

GalloDaSballo marked the issue as insufficient quality report

GalloDaSballo commented 5 months ago

Not a real issue, solidity compiler handles that

c4-judge commented 5 months ago

trust1995 marked the issue as unsatisfactory: Invalid