Closed sherlock-admin4 closed 5 months ago
bareli
medium
in _toftCustomComposeReceiver when msgType == MSG_XCHAIN_LEND_XCHAIN_LOCK ,we are not returning anything.I think return true is missing from the code.
function _toftCustomComposeReceiver(uint16 _msgType, address, bytes memory _toeComposeMsg) internal override returns (bool success) { if (_msgType == MSG_LEVERAGE_UP) { _executeModule( uint8(ITOFT.Module.TOFTMarketReceiver), abi.encodeWithSelector(TOFTMarketReceiverModule.leverageUpReceiver.selector, _toeComposeMsg), false ); return true; } else if (_msgType == MSG_XCHAIN_LEND_XCHAIN_LOCK) { _executeModule( uint8(ITOFT.Module.TOFTOptionsReceiver), abi.encodeWithSelector( TOFTOptionsReceiverModule.mintLendXChainSGLXChainLockAndParticipateReceiver.selector, _toeComposeMsg ), false @> ); } else { return false; } } }
If " _msgType == MSG_XCHAIN_LEND_XCHAIN_LOCK " we will not get any return in _toftCustomComposeReceiver.
https://github.com/sherlock-audit/2024-02-tapioca/blob/main/TapiocaZ/contracts/tOFT/modules/mTOFTReceiver.sol#L41
Manual Review
function _toftCustomComposeReceiver(uint16 _msgType, address, bytes memory _toeComposeMsg) internal override returns (bool success) { if (_msgType == MSG_LEVERAGE_UP) { _executeModule( uint8(ITOFT.Module.TOFTMarketReceiver), abi.encodeWithSelector(TOFTMarketReceiverModule.leverageUpReceiver.selector, _toeComposeMsg), false ); return true; } else if (_msgType == MSG_XCHAIN_LEND_XCHAIN_LOCK) { _executeModule( uint8(ITOFT.Module.TOFTOptionsReceiver), abi.encodeWithSelector( TOFTOptionsReceiverModule.mintLendXChainSGLXChainLockAndParticipateReceiver.selector, _toeComposeMsg ), false );
@> return true; } else { return false; } }
}
Duplicate of https://github.com/sherlock-audit/2024-02-tapioca-judging/issues/63
cryptotechmaker
commented
5 months ago cryptotechmaker
commented
5 months ago
bareli
medium
missing return in '_toftCustomComposeReceiver'
Summary
in _toftCustomComposeReceiver when msgType == MSG_XCHAIN_LEND_XCHAIN_LOCK ,we are not returning anything.I think return true is missing from the code.
Vulnerability Detail
function _toftCustomComposeReceiver(uint16 _msgType, address, bytes memory _toeComposeMsg) internal override returns (bool success) { if (_msgType == MSG_LEVERAGE_UP) { _executeModule( uint8(ITOFT.Module.TOFTMarketReceiver), abi.encodeWithSelector(TOFTMarketReceiverModule.leverageUpReceiver.selector, _toeComposeMsg), false ); return true; } else if (_msgType == MSG_XCHAIN_LEND_XCHAIN_LOCK) { _executeModule( uint8(ITOFT.Module.TOFTOptionsReceiver), abi.encodeWithSelector( TOFTOptionsReceiverModule.mintLendXChainSGLXChainLockAndParticipateReceiver.selector, _toeComposeMsg ), false @> ); } else { return false; } } }
Impact
If " _msgType == MSG_XCHAIN_LEND_XCHAIN_LOCK " we will not get any return in _toftCustomComposeReceiver.
Code Snippet
https://github.com/sherlock-audit/2024-02-tapioca/blob/main/TapiocaZ/contracts/tOFT/modules/mTOFTReceiver.sol#L41
Tool used
Manual Review
Recommendation
function _toftCustomComposeReceiver(uint16 _msgType, address, bytes memory _toeComposeMsg) internal override returns (bool success) { if (_msgType == MSG_LEVERAGE_UP) { _executeModule( uint8(ITOFT.Module.TOFTMarketReceiver), abi.encodeWithSelector(TOFTMarketReceiverModule.leverageUpReceiver.selector, _toeComposeMsg), false ); return true; } else if (_msgType == MSG_XCHAIN_LEND_XCHAIN_LOCK) { _executeModule( uint8(ITOFT.Module.TOFTOptionsReceiver), abi.encodeWithSelector( TOFTOptionsReceiverModule.mintLendXChainSGLXChainLockAndParticipateReceiver.selector, _toeComposeMsg ), false );
}