code-423n4 / 2024-04-panoptic-findings


Missing initializer in SemiFungiblePositionManager::initializeAMMPool #575

Closed c4-bot-5 closed 2 months ago

c4-bot-5 commented 2 months ago

Lines of code

https://github.com/code-423n4/2024-04-panoptic/blob/main/contracts/SemiFungiblePositionManager.sol#L350-L391

Vulnerability details

Impact

The absence of an initializer in the initializeAMMPool function poses a moderate risk to the stability and integrity of the contract. Without proper initialization control, there is a potential for re-initialization issues, which could compromise the functionality and security of the contract.

Proof of Concept

Add this function in SemiFungiblePositionManager.t.sol

    function test_Success_initializeAMMPool_multipleInitialize(uint256 x) public {
        _initPool(x);
        _initPool(x);
    }

Output

Ran 1 test for test/foundry/core/SemiFungiblePositionManager.t.sol:SemiFungiblePositionManagerTest
[PASS] test_Success_initializeAMMPool_multipleInitialize(uint256) (runs: 2, μ: 1823079, ~: 1823079)

https://github.com/code-423n4/2024-04-panoptic/blob/main/contracts/SemiFungiblePositionManager.sol#L350-L391

Tools Used

Code review

Recommended Mitigation Steps

Add the initializer modifier from the OpenZeppelin library, or use a mutex to change a value from false to true.

Assessed type

Invalid Validation

c4-judge commented 2 months ago

Picodes marked the issue as unsatisfactory: Invalid
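
The following Foundry test is an added example, not code from the report or from the Panoptic repository. It shows how a re-initialization check can assert on contract state after the second call, for both a reverting guard and a silent no-op guard. `PoolRegistry`, its functions, and the sample address are hypothetical, and the test assumes a Foundry project with forge-std installed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;
import {Test} from "forge-std/Test.sol";

// Hypothetical registry for illustration; NOT Panoptic's SemiFungiblePositionManager.
contract PoolRegistry {
    error AlreadyInitialized(address pool);

    // 0 means "not initialized"; ids start at 1, so the mapping doubles as the guard.
    mapping(address => uint256) public poolId;
    uint256 public poolCount;

    // Guard style 1: a repeated call reverts.
    function initializeStrict(address pool) external {
        if (poolId[pool] != 0) revert AlreadyInitialized(pool);
        poolId[pool] = ++poolCount;
    }

    // Guard style 2: a repeated call is a silent no-op and does not revert.
    function initializeIdempotent(address pool) external {
        if (poolId[pool] != 0) return;
        poolId[pool] = ++poolCount;
    }
}

contract PoolRegistryTest is Test {
    PoolRegistry internal registry;
    address internal constant POOL = address(0xA11CE); // constructed sample address

    function setUp() public {
        registry = new PoolRegistry();
    }

    function test_strictGuard_secondCallReverts() public {
        registry.initializeStrict(POOL);
        vm.expectRevert(abi.encodeWithSelector(PoolRegistry.AlreadyInitialized.selector, POOL));
        registry.initializeStrict(POOL);
    }

    // A second call that does not revert is not evidence either way; compare state.
    function test_idempotentGuard_secondCallLeavesStateUnchanged() public {
        registry.initializeIdempotent(POOL);
        uint256 idBefore = registry.poolId(POOL);
        uint256 countBefore = registry.poolCount();
        registry.initializeIdempotent(POOL);
        assertEq(registry.poolId(POOL), idBefore);
        assertEq(registry.poolCount(), countBefore);
    }
}
```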