DittoETH

Ditto
DeFiFoundryOracle
55,000 USDC
Submission Details
Severity: medium
Invalid

Lack of Input Validation in the cancel functions

Summary

The contract does not validate the id parameter in the cancel functions

Vulnerability Details

The smart contract currently lacks validation for the 'id' parameter within the cancel functions (cancelBid, cancelAsk, and cancelShort). If an id that does not exist or has already been cancelled is passed, the contract will still execute the function and could potentially alter the state of the contract in an unintended way.

Impact

File Path: 2023-09-ditto/contracts/facets/OrdersFacet.sol
Line: 79

File Path: 2023-09-ditto/contracts/facets/OrdersFacet.sol
Line: 55

File Path: 2023-09-ditto/contracts/facets/OrdersFacet.sol
Line: 29

Tools Used

Manual

Recommendations

To resolve this issue, you should add a validation check for the 'id' parameter at the beginning of each cancel function. This check should ensure that the 'id' exists within the respective mapping and that the order has not already been cancelled. If the 'id' does not exist or the order has already been cancelled, the function should revert with an appropriate error message. Here is an example of how you could implement this for the 'cancelBid' function:

function cancelBid(address asset, uint16 id)
    external
    onlyValidAsset(asset)
    nonReentrant
{
    require(s.bids[asset][id].addr != address(0), "Bid does not exist");
    require(s.bids[asset][id].orderType != O.Cancelled, "Bid already cancelled");
    // Rest of the function...
}

You should add similar checks to the 'cancelAsk' and 'cancelShort' functions. This will prevent the contract from executing these functions with invalid 'id' parameters and ensure that the state of the contract is not altered in an unintended way.
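The two checks above, together with a Foundry test that exercises both revert paths, as an added example that is not part of this submission or of the DittoETH code base. The enum, struct, storage mapping and the CancelHarness contract are constructed stand-ins for the real OrdersFacet types; the asset address is a constructed placeholder.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;
import "forge-std/Test.sol";

// Constructed stand-ins for the order types the finding refers to, not DittoETH's real types.
enum O { Uninitialized, LimitBid, Cancelled, Matched }
struct Order { address addr; O orderType; }

contract CancelHarness {
    error BidDoesNotExist(uint16 id);
    error BidAlreadyCancelled(uint16 id);
    mapping(address => mapping(uint16 => Order)) public bids;

    function createBid(address asset, uint16 id) external {
        bids[asset][id] = Order(msg.sender, O.LimitBid);
    }

    // Hardened cancel: both checks from the recommendation, expressed as custom errors.
    function cancelBid(address asset, uint16 id) external {
        Order storage b = bids[asset][id];
        if (b.addr == address(0)) revert BidDoesNotExist(id);
        if (b.orderType == O.Cancelled) revert BidAlreadyCancelled(id);
        b.orderType = O.Cancelled; // the rest of the real cancel logic would follow here
    }
}

// Foundry tests: an unknown id and a second cancel must revert; the first cancel must succeed.
contract CancelHarnessTest is Test {
    CancelHarness h;
    address constant ASSET = address(0xA55E7); // constructed asset address

    function setUp() public {
        h = new CancelHarness();
        h.createBid(ASSET, 1);
    }

    function testUnknownIdReverts() public {
        vm.expectRevert(abi.encodeWithSelector(CancelHarness.BidDoesNotExist.selector, uint16(2)));
        h.cancelBid(ASSET, 2);
    }

    function testDoubleCancelReverts() public {
        h.cancelBid(ASSET, 1);
        (, O t) = h.bids(ASSET, 1);
        assertEq(uint8(t), uint8(O.Cancelled));
        vm.expectRevert(abi.encodeWithSelector(CancelHarness.BidAlreadyCancelled.selector, uint16(1)));
        h.cancelBid(ASSET, 1);
    }
}
```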

Updates

Lead Judging Commences

0xnevi Lead Judge
over 1 year ago
Submission Judgement Published
Invalidated
Reason: Other
