Closed sherlock-admin closed 1 year ago
bin2chen
medium
AssetManager.sol#removeToken/AssetManager.sol#removeAdapter No cancel approve , a security risk
when #addToken() and #addAdapter() will call approveAllTokensMax() and approveAllMarketsMax() but when remove, don't approve(0) , a security risk
A malicious moneyMarkets that has been removed still has the opportunity to transfer tokens
https://github.com/sherlock-audit/2022-10-union-finance/blob/main/union-v2-contracts/contracts/asset/AssetManager.sol#L433
https://github.com/sherlock-audit/2022-10-union-finance/blob/main/union-v2-contracts/contracts/asset/AssetManager.sol#L389
https://github.com/sherlock-audit/2022-10-union-finance/blob/main/union-v2-contracts/contracts/asset/AssetManager.sol#L396
https://github.com/sherlock-audit/2022-10-union-finance/blob/main/union-v2-contracts/contracts/asset/AssetManager.sol#L440
Manual Review
canel approve
function removeToken(address tokenAddress) external override onlyAdmin { if (isExist) { supportedTokensList[index] = supportedTokensList[supportedTokensLength - 1]; supportedTokensList.pop(); supportedMarkets[tokenAddress] = false; + approveAllMarkets(tokenAddress,0); } } function removeAdapter(address adapterAddress) external override onlyAdmin { if (isExist) { moneyMarkets[index] = moneyMarkets[moneyMarketsLength - 1]; moneyMarkets.pop(); + approveAllTokens(adapterAddress,0); }
Duplicate of #36
Looks to be dup of #36
bin2chen
medium
removeAdapter/removeToken need to cancel approve
Summary
AssetManager.sol#removeToken/AssetManager.sol#removeAdapter No cancel approve , a security risk
Vulnerability Detail
when #addToken() and #addAdapter() will call approveAllTokensMax() and approveAllMarketsMax() but when remove, don't approve(0) , a security risk
Impact
A malicious moneyMarkets that has been removed still has the opportunity to transfer tokens
Code Snippet
https://github.com/sherlock-audit/2022-10-union-finance/blob/main/union-v2-contracts/contracts/asset/AssetManager.sol#L433
https://github.com/sherlock-audit/2022-10-union-finance/blob/main/union-v2-contracts/contracts/asset/AssetManager.sol#L389
https://github.com/sherlock-audit/2022-10-union-finance/blob/main/union-v2-contracts/contracts/asset/AssetManager.sol#L396
https://github.com/sherlock-audit/2022-10-union-finance/blob/main/union-v2-contracts/contracts/asset/AssetManager.sol#L440
Tool used
Manual Review
Recommendation
canel approve
Duplicate of #36