DittoETH

Ditto
DeFiFoundryOracle
55,000 USDC
View results
Submission Details
Severity: high
Invalid

Incorrect Implementation of nonReentrant Modifier

Summary

The nonReentrant modifier is implemented incorrectly

Vulnerability Details

The nonReentrant modifier is implemented incorrectly. It sets reentrantStatus back to Constants.NOT_ENTERED immediately after setting it to Constants.ENTERED, which doesn't prevent reentrant calls. It should be set back to Constants.NOT_ENTERED after the function execution.

Impact

Tools Used

Manual

Recommendations

The following is a revised version of your nonReentrant modifier:

modifier nonReentrant() {
require(s.reentrantStatus != Constants.ENTERED, "Detected a reentrant call");
s.reentrantStatus = Constants.ENTERED;
_;
s.reentrantStatus = Constants.NOT_ENTERED;
}

This modifier ensures that the associated function cannot be re-entered while it is still being executed. If a reentrant call is detected, the function execution will be halted. After the function execution, the status is reset to NOT_ENTERED to allow future calls.

Updates

Lead Judging Commences

0xnevi Lead Judge
over 1 year ago
0xnevi Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Other

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.