Missing deadline check when perform swap operations.
Vulnerability Detail
Missing deadline checks allow pending transactions to be maliciously executed in the future. You need to add a deadline parameter to all functions which potentially perform a swap on the user's behalf.
Impact
Without deadline parameter, as a consequence, users can have their operations executed at unexpected times, when the market conditions are unfavorable.
You need to add deadline parameter in all swap functions.
tsvetanovv
medium
Missing deadline check when perform swap
Summary
Missing deadline check when perform swap operations.
Vulnerability Detail
Missing deadline checks allow pending transactions to be maliciously executed in the future. You need to add a deadline parameter to all functions which potentially perform a swap on the user's behalf.
Impact
Without deadline parameter, as a consequence, users can have their operations executed at unexpected times, when the market conditions are unfavorable.
You need to add deadline parameter in all swap functions.
Code Snippet
https://github.com/sherlock-audit/2023-02-gmx/blob/main/gmx-synthetics/contracts/deposit/ExecuteDepositUtils.sol#L416-L449 https://github.com/sherlock-audit/2023-02-gmx/blob/main/gmx-synthetics/contracts/swap/SwapUtils.sol https://github.com/sherlock-audit/2023-02-gmx/blob/main/gmx-synthetics/contracts/withdrawal/WithdrawalUtils.sol#L393-L419
Tool used
Manual Review
Recommendation
Introduce a
deadlineparameter in swap functions.