hats-finance / Most--Aleph-Zero-Bridge-0xab7c1d45ae21e7133574746b2985c58e0ae2e61d

Aleph Zero bridge to Ethereum
Apache License 2.0

Incorrect modifier #69

Open hats-bug-reporter[bot] opened 4 months ago

hats-bug-reporter[bot] commented 4 months ago

Github username: --
Twitter username: --
Submission hash (on-chain): 0x39d905efff0da6bb9c368e184021e47895aea467c23234cc7f7aa909def97efe
Severity: low

Description:
If a modifier does not execute _ or revert, the execution of the function will return the default value, which can be misleading for the caller.

Attack Scenario

File: contracts/Migrations.sol

/// @audit ******************* Issue Detail *******************
Modifier Migrations.restricted() (contracts/Migrations.sol#9-11) does not always execute _; or revert

/// @audit ****************** Affected Code *******************
   9:     modifier restricted() {
  10:         if (msg.sender == owner) _;
  11:     }

Attachments

  1. Proof of Concept (PoC) File
    • Deploy the contract and call the setCompleted function. Then call it again from another non-owner address and the transaction goes through as valid, whereas it should revert.
    • Correct the restricted modifier logic to make it revert.

Files:
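
The modifier pattern from the report next to a reverting form, as an added example that is not part of the submission and not the project's code. Only `restricted`, `owner` and `setCompleted` appear in the report; the contract names, the `bool` return value, `NotOwner`, `Outsider` and `Probe` are assumptions made so the difference can be observed from a caller.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// Constructed example; only `restricted`, `owner`, `setCompleted` come from the report.
contract SilentSkip {
    address public owner = msg.sender;
    uint256 public lastCompleted;
    // Reported pattern: a non-owner call neither reaches `_` nor reverts.
    modifier restricted() {
        if (msg.sender == owner) _;
    }
    // When `_` is skipped the body never runs and `ok` keeps its default value.
    function setCompleted(uint256 completed) external restricted returns (bool ok) {
        lastCompleted = completed;
        return true;
    }
}

contract RevertingGuard {
    address public owner = msg.sender;
    uint256 public lastCompleted;
    error NotOwner(address caller);
    // Hardened form: every path either reverts or reaches `_`.
    modifier restricted() {
        if (msg.sender != owner) revert NotOwner(msg.sender);
        _;
    }
    function setCompleted(uint256 completed) external restricted returns (bool ok) {
        lastCompleted = completed;
        return true;
    }
}

// Not the owner of either target, so its calls take the non-owner path.
contract Outsider {
    function callSilent(SilentSkip s) external returns (bool) { return s.setCompleted(7); }
    function callGuard(RevertingGuard g) external returns (bool) { return g.setCompleted(7); }
}

// Deploys (and therefore owns) both targets, then calls them via Outsider.
contract Probe {
    SilentSkip public s = new SilentSkip();
    RevertingGuard public g = new RevertingGuard();
    Outsider public o = new Outsider();
    function check() external returns (bool silentOk, uint256 stored, bool guardReverted) {
        silentOk = o.callSilent(s);
        stored = s.lastCompleted();
        try o.callGuard(g) {} catch { guardReverted = true; }
    }
}
```

With the silent form, a caller that only checks whether the transaction succeeded cannot tell an ignored call from an applied one. The reverting form makes the rejection visible on-chain and to any calling contract.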

krzysztofziobro commented 4 months ago

duplicate of https://github.com/hats-finance/Most--Aleph-Zero-Bridge-0xab7c1d45ae21e7133574746b2985c58e0ae2e61d/issues/18