Platform: Code4rena
Start Date: 11/11/2022
Pot Size: $36,500 USDC
Total HM: 5
Participants: 62
Period: 3 days
Judge: berndartmueller
Id: 181
League: ETH
Rank: 37/62
Findings: 1
Award: $66.81
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: rotcivegaf
Also found by: 0x4non, 0xDecorativePineapple, 9svR6w, Trust, V_B, adriro, ajtra, aviggiano, brgltd, carlitox477, chaduke, codexploder, corerouter, joestakey, ladboy233, s3cunda, saian, wait
66.8068 USDC - $66.81
https://github.com/code-423n4/2022-11-non-fungible/blob/main/contracts/Exchange.sol#L161
https://github.com/code-423n4/2022-11-non-fungible/blob/main/contracts/Exchange.sol#L209
The current implementation of _returnDust() does not check the return value of the assembly call. Even if that call fails, the surrounding execute() transaction still succeeds. As a result, a user's ETH may be stuck in the contract when _returnDust() fails to send it back, and because the refund sends the whole contract balance, that ETH can later be claimed by another user.
https://github.com/code-423n4/2022-11-non-fungible/blob/main/contracts/Exchange.sol#L161
https://github.com/code-423n4/2022-11-non-fungible/blob/main/contracts/Exchange.sol#L209
Modify the current implementation of _returnDust() to check the return value of the assembly call and revert on failure, as follows:

```solidity
function _returnDust() private {
    // Defaults to true so that the require below passes when there is nothing to refund.
    bool callStatus = true;
    uint256 _remainingETH = remainingETH;
    assembly {
        if gt(_remainingETH, 0) {
            // call(gas, to, value, inOffset, inSize, outOffset, outSize) returns 1 on success, 0 on failure.
            callStatus := call(gas(), caller(), selfbalance(), 0, 0, 0, 0)
        }
    }
    // Revert the whole transaction instead of silently leaving ETH in the contract.
    require(callStatus, "Return dust failed");
}
```
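To make the failure mode concrete, the following is an added, self-contained illustration (not code from the audited Exchange.sol): a minimal contract that stores a caller's leftover ETH and exposes the unchecked refund beside the checked one, plus a caller contract that cannot receive ETH. The contract names, `deposit()` and `tryRefund()` are constructed for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Constructed illustration of the pattern from the finding; not the audited contract.
contract DustRefund {
    uint256 public remainingETH;

    // Deposit ETH that the contract is expected to refund to the caller.
    function deposit() external payable {
        remainingETH = msg.value;
    }

    // Vulnerable pattern: the raw `call` return value is discarded. If the caller
    // is a contract that cannot receive ETH, the call returns 0, the ETH stays in
    // this contract and the transaction still succeeds.
    function refundUnchecked() external {
        uint256 _remainingETH = remainingETH;
        assembly {
            if gt(_remainingETH, 0) {
                pop(call(gas(), caller(), selfbalance(), 0, 0, 0, 0))
            }
        }
        remainingETH = 0;
    }

    // Hardened pattern: capture the return value and revert on failure so that
    // no state change persists and the ETH is not left behind for someone else.
    function refundChecked() external {
        bool callStatus = true;
        uint256 _remainingETH = remainingETH;
        assembly {
            if gt(_remainingETH, 0) {
                callStatus := call(gas(), caller(), selfbalance(), 0, 0, 0, 0)
            }
        }
        require(callStatus, "Return dust failed");
        remainingETH = 0;
    }
}

// A caller with no receive()/fallback: a plain ETH transfer to it fails.
// From here, refundUnchecked() strands the ETH inside DustRefund, while
// refundChecked() reverts with "Return dust failed".
contract RejectingCaller {
    function tryRefund(DustRefund target, bool checked) external {
        if (checked) target.refundChecked();
        else target.refundUnchecked();
    }
}
```

Because `refundUnchecked()` sends `selfbalance()`, any ETH stranded by one caller is swept to whichever caller next triggers a successful refund, which is the loss described in the finding.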
#0 - c4-judge
2022-11-16T11:56:10Z
berndartmueller marked the issue as duplicate of #90
#1 - c4-judge
2022-11-16T11:56:17Z
berndartmueller marked the issue as satisfactory