code-423n4 / 2024-03-abracadabra-money-findings


Initialization Checks #168

Closed c4-bot-4 closed 7 months ago

c4-bot-4 commented 8 months ago

Lines of code

https://github.com/code-423n4/2024-03-abracadabra-money/blob/main/src/blast/BlastOnboardingBoot.sol#L129

Vulnerability details

Impact

Detailed description of the impact of this finding.

Initialization Checks: Ensure initialize can't be called more than once.

Proof of Concept

Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.

```solidity
function initialize(Router _router) external onlyOwner { // @>
    router = Router(payable(_router));
    factory = IFactory(router.factory());
    emit LogInitialized(_router);
}
```

Tools Used

Recommended Mitigation Steps

Use a variable `initializer` so that it can be initialized once.

```solidity
bool initializer;

function initialize(Router _router) external onlyOwner {
    if (initializer) {
        revert();
    }
    router = Router(payable(_router));
    factory = IFactory(router.factory());
    initializer = true;
    emit LogInitialized(_router);
}
```

Assessed type

Context
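The once-only guard from the report above, as an added self-contained example that is not code from the audited repository or from the reporter. `MockRouter`, `GuardedBoot`, `GuardCheck` and the error names are hypothetical stand-ins; the harness deploys the contract itself, so it is the owner, and checks that a second `initialize` call reverts and leaves the first router in place.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical stand-in for the project's Router; only factory() is modelled.
contract MockRouter {
    address public immutable factory;
    constructor(address factory_) { factory = factory_; }
}

// Hypothetical reduced contract: owner-only initialize with a once-only flag.
contract GuardedBoot {
    error NotOwner();
    error AlreadyInitialized();
    event LogInitialized(MockRouter router);

    address public owner;
    MockRouter public router;
    address public factory;
    bool public initialized;

    constructor() { owner = msg.sender; }

    function initialize(MockRouter _router) external {
        if (msg.sender != owner) revert NotOwner();
        if (initialized) revert AlreadyInitialized(); // guard: second call fails
        initialized = true;                           // set the flag before other writes
        router = _router;
        factory = _router.factory();
        emit LogInitialized(_router);
    }
}

// Harness (constructed for this example): returns true when the guard holds.
contract GuardCheck {
    function secondCallReverts() external returns (bool) {
        GuardedBoot boot = new GuardedBoot();         // this contract becomes owner
        MockRouter first = new MockRouter(address(0x1));
        MockRouter second = new MockRouter(address(0x2));
        boot.initialize(first);
        try boot.initialize(second) {
            return false;                             // router was replaced: no guard
        } catch {
            // State must still point at the first router and its factory.
            return address(boot.router()) == address(first)
                && boot.factory() == address(0x1);
        }
    }
}
```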

0xm3rlin commented 8 months ago

no factor

c4-pre-sort commented 8 months ago

141345 marked the issue as sufficient quality report

141345 commented 8 months ago

QA is more appropriate

c4-sponsor commented 8 months ago

0xCalibur (sponsor) disputed

c4-judge commented 8 months ago

thereksfour changed the severity to QA (Quality Assurance)