XO-The onlyCollateral modifier does not check to see if the controller().collateral() function returns a valid address.
Summary
The onlyCollateral modifier does not check to see if the controller().collateral() function returns a valid address. This means that an attacker can call the onlyCollateral modifier with a contract address that is not the collateral contract.
There is a vulnerability in the controller() function, the problem is in the the onlyCollateral modifier, it does not check to see if the controller().collateral() function returns a valid address. This means that an attacker could call the onlyCollateral modifier with a contract address that is not the collateral contract, and the modifier would not do anything. This could allow an attacker to bypass the modifier and call the function that is protected by the modifier.
Impact
An attacker can bypass the modifier and call the function that is protected by the modifier and this lead to steal funds from the contract.
XDZIBEC
medium
XO-The
onlyCollateral
modifier does not check to see if thecontroller().collateral()
function returns a valid address.Summary
The
onlyCollateral
modifier does not check to see if thecontroller().collateral()
function returns a valid address. This means that an attacker can call theonlyCollateral
modifier with a contract address that is not the collateral contract.Vulnerability Detail
controller()
function, the problem is in the theonlyCollateral
modifier, it does not check to see if thecontroller().collateral()
function returns a valid address. This means that an attacker could call theonlyCollateral
modifier with a contract address that is not thecollateral
contract, and the modifier would not do anything. This could allow an attacker to bypass the modifier and call the function that is protected by the modifier.Impact
Code Snippet
Tool used
Manual Review
Recommendation
require(controller().collateral() != address(0));
to theonlyCollateral
modifier.