Vulnerability Details
Description: safeApprove() has been deprecated and the official OpenZeppelin documentation recommends using safeIncreaseAllowance() & safeDecreaseAllowance().
safeApprove has been used in the following areas
function _editParams(SwapParams memory newParams_) private {
require(newParams_.tokenIn != address(0), "L2TR: invalid tokenIn");
require(newParams_.tokenOut != address(0), "L2TR: invalid tokenOut");
TransferHelper.safeApprove(newParams_.tokenIn, router, type(uint256).max);
TransferHelper.safeApprove(newParams_.tokenIn, nonfungiblePositionManager, type(uint256).max);
TransferHelper.safeApprove(newParams_.tokenOut, nonfungiblePositionManager, type(uint256).max);
params = newParams_;
}
function editParams(SwapParams memory newParams_) external onlyOwner {
if (params.tokenIn != newParams_.tokenIn) {
TransferHelper.safeApprove(params.tokenIn, router, 0);
TransferHelper.safeApprove(params.tokenIn, nonfungiblePositionManager, 0);
}
if (params.tokenOut != newParams_.tokenOut) {
TransferHelper.safeApprove(params.tokenOut, nonfungiblePositionManager, 0);
}
_editParams(newParams_);
}
Recommendations
Consider replacing deprecated functions of OpenZeppelin contracts.