The manager.call{value: _assets[i].amount - _nativePurchased}(""); line in the returnUnpurchasedNative function performs an unchecked external call, leading potential exploit
Summary
The manager.call{value: _assets[i].amount - _nativePurchased}(""); line in the returnUnpurchasedNative function performs an unchecked external call, which may lead to unexpected behavior and could potentially be exploited.
An attacker may manipulate the call to exploit vulnerabilities or interfere with the contract's intended behavior.
Vulnerability Details
Code Snippet:
The manager.call{value: _assets[i].amount - _nativePurchased}(""); line in the returnUnpurchasedNative function performs an unchecked external call.
Impact
Performing an unchecked external call can result in unexpected behavior and poses a security risk. If the external call fails or the target address (manager in this case) reverts, the contract execution continues without any error handling. This may lead to an inconsistent state in the contract or even financial losses.
Tools Used
Manual Code Review
Recommendations
To address the unchecked external call in the returnUnpurchasedNative function, the following recommendations are provided:
-
Check External Call Success:
Ensure that external calls are checked for success by capturing the return value and verifying that it is
true. This helps prevent unintended consequences in case the external call fails.
(bool _sent, ) = manager.call{value: _assets[i].amount - _nativePurchased}("");require(_sent, "external call failed"); -
Implement ReentrancyGuard:
Consider implementing the ReentrancyGuard pattern to mitigate reentrancy issues. This involves using the
nonReentrantmodifier to prevent reentrancy attacks during external calls.
import "@openzeppelin/contracts-upgradeable/security/ReentrancyGuardUpgradeable.sol";contract LiquidationPool is ILiquidationPool, ReentrancyGuardUpgradeable {// Existing contract code...function returnUnpurchasedNative(ILiquidationPoolManager.Asset[] memory _assets, uint256 _nativePurchased) private nonReentrant {for (uint256 i = 0; i < _assets.length; i++) {// Existing function logic...(bool _sent, ) = manager.call{value: _assets[i].amount - _nativePurchased}("");require(_sent, "external call failed");// Existing function logic...}}// Existing contract code...}
By implementing these recommendations, the contract can enhance security by ensuring proper handling of external calls and mitigating potential reentrancy vulnerabilities.
Lead Judging Commences
informational/invalid
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.