Description
This issue can lead to a scenario where:
- revoked roles still have authorised access to modules;
- roles are not granted successfully, yet the call completes without reverting.
The AUT_Roles_v1 contract inherits from the AccessControlEnumerableUpgradeable contract. When roles are granted or revoked, either singly or in batches, the AccessControlEnumerableUpgradeable::_grantRole(...) and AccessControlEnumerableUpgradeable::_revokeRole(...) functions are called internally to complete the process.
However, these functions return a boolean (granted and revoked, respectively) that signifies whether the role was actually granted or revoked in that particular call, and AUT_Roles_v1 never checks it.
Because these checks are not implemented in the AUT_Roles_v1 contract, a role can be "granted" to or "revoked" from a module without success, and the call will not revert.
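The pattern described above, as an added illustration (this is not the project's code): the first contract drops the boolean returned by _grantRole/_revokeRole, the second reverts when the underlying call reports that nothing changed. It assumes OpenZeppelin v5-style AccessControlEnumerableUpgradeable, where both internal functions return bool; the function names follow the ones listed in this report, while the parameter lists, the custom errors and the onlyRole(DEFAULT_ADMIN_ROLE) guard (standing in for whatever module-scoped authorisation the real contract applies) are assumptions made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not the project's code. Assumes OpenZeppelin v5, where
// _grantRole / _revokeRole return a bool indicating whether state changed.
import {AccessControlEnumerableUpgradeable} from
    "@openzeppelin/contracts-upgradeable/access/extensions/AccessControlEnumerableUpgradeable.sol";

// Vulnerable pattern: the return value is discarded, so a grant or revoke that
// did not change anything (e.g. revoking a role the target never held, or a
// typo'd role id) completes silently instead of failing loudly.
contract RolesIgnoringReturnValue is AccessControlEnumerableUpgradeable {
    function initialize() external initializer {
        __AccessControlEnumerable_init();
        _grantRole(DEFAULT_ADMIN_ROLE, msg.sender);
    }

    // Assumed parameter list; the guard stands in for the real authorisation check.
    function grantRoleFromModule(bytes32 role, address target) external onlyRole(DEFAULT_ADMIN_ROLE) {
        _grantRole(role, target); // bool result ignored
    }

    function revokeRoleFromModule(bytes32 role, address target) external onlyRole(DEFAULT_ADMIN_ROLE) {
        _revokeRole(role, target); // bool result ignored
    }
}

// Hardened pattern: every _grantRole / _revokeRole result is checked and the
// whole call reverts (batched calls included, so no partial state is left behind)
// when the underlying operation reports that no state changed.
contract RolesCheckingReturnValue is AccessControlEnumerableUpgradeable {
    error RoleGrantFailed(bytes32 role, address account);   // assumed error name
    error RoleRevokeFailed(bytes32 role, address account);  // assumed error name

    function initialize() external initializer {
        __AccessControlEnumerable_init();
        _grantRole(DEFAULT_ADMIN_ROLE, msg.sender);
    }

    function grantRoleFromModule(bytes32 role, address target) external onlyRole(DEFAULT_ADMIN_ROLE) {
        if (!_grantRole(role, target)) revert RoleGrantFailed(role, target);
    }

    function grantRoleFromModuleBatched(bytes32 role, address[] calldata targets)
        external
        onlyRole(DEFAULT_ADMIN_ROLE)
    {
        for (uint256 i = 0; i < targets.length; ++i) {
            if (!_grantRole(role, targets[i])) revert RoleGrantFailed(role, targets[i]);
        }
    }

    function revokeRoleFromModule(bytes32 role, address target) external onlyRole(DEFAULT_ADMIN_ROLE) {
        if (!_revokeRole(role, target)) revert RoleRevokeFailed(role, target);
    }

    function revokeRoleFromModuleBatched(bytes32 role, address[] calldata targets)
        external
        onlyRole(DEFAULT_ADMIN_ROLE)
    {
        for (uint256 i = 0; i < targets.length; ++i) {
            if (!_revokeRole(role, targets[i])) revert RoleRevokeFailed(role, targets[i]);
        }
    }
}
```

One design point worth deciding up front: in OpenZeppelin v5, _grantRole returns false when the account already holds the role and _revokeRole returns false when it does not, so the hardened version treats a duplicate grant or a redundant revoke as an error. If callers rely on idempotent re-grants, the alternative is to surface the bool to the caller (return it, or emit an event) rather than revert, but in either case the result must not be silently dropped.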
Attack Scenario
Describe how the vulnerability can be exploited.
Attachments
Proof of Concept (PoC) File
Revised Code File (Optional)
Modify the
AUT_Roles_v1::grantRoleFromModule(...)
AUT_Roles_v1::grantRoleFromModuleBatched(...)
AUT_Roles_v1::revokeRoleFromModule(...)
AUT_Roles_v1::revokeRoleFromModuleBatched(...)
functions respectively as shown below
GitHub username: @Audinarey
Twitter username: audinarey
Submission hash (on-chain): 0x3e2f16039e1880e6e83efdb93abd1b55ad96b80e17faaa56eb46b5630e21d6c4
Severity: medium