HardhatFoundry
30,000 USDC
Submission Details
Severity: low
Invalid

wrong hook can be uninstalled due to missing check

GitHub
https://github.com/Cyfrin/2024-07-biconomy/blob/9590f25cd63f7ad2c54feb618036984774f3879d/contracts/base/ModuleManager.sol#L258-L264

Summary

The function _uninstallHook in ModuleManager claims to ensure that the current hook matches the one intended for uninstallation, as stated in the comments. However, the code does not include any checks to confirm this.

Impact

Without this check, there is a risk of uninstalling the wrong hook.

Recommendation

Implement a check within the _uninstallHook function to ensure that the hook being uninstalled matches the current active hook.

/// @dev Uninstalls a hook module, ensuring the current hook matches the one intended for uninstallation.
/// @param hook The address of the hook to be uninstalled.
/// @param data De-initialization data to configure the hook upon uninstallation.
function _uninstallHook(address hook, bytes calldata data) internal virtual {
    require(_getHook() == hook, "Hook to uninstall does not match the current hook");
    _setHook(address(0));
    IHook(hook).onUninstall(data);
}

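The mismatch scenario from the finding, as an added example that is not the project's code. `HookSlot`, `RecordingHook` and `HookSlotScenario` are hypothetical stand-ins for an account with a single hook slot; only the `require` message comes from the recommendation above. `run()` installs hook A, names hook B in the uninstall call, and reports what each variant does.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration: minimal stand-ins, not the Nexus ModuleManager.
interface IHook {
    function onUninstall(bytes calldata data) external;
}

// Hypothetical hook that records whether it was de-initialized.
contract RecordingHook is IHook {
    bool public uninstalled;
    function onUninstall(bytes calldata) external override { uninstalled = true; }
}

// Hypothetical single-slot hook holder with both variants side by side.
contract HookSlot {
    address public hook;
    function install(address newHook) external { hook = newHook; }

    // Behaviour described in the finding: `target` is never compared to `hook`.
    function uninstallUnchecked(address target, bytes calldata data) external {
        hook = address(0);
        IHook(target).onUninstall(data);
    }

    // Recommended behaviour: reject a target that is not the active hook.
    function uninstallChecked(address target, bytes calldata data) external {
        require(hook == target, "Hook to uninstall does not match the current hook");
        hook = address(0);
        IHook(target).onUninstall(data);
    }
}

// Scenario: hook A is installed, the uninstall call names hook B.
contract HookSlotScenario {
    function run() external returns (bool uncheckedClearedA, bool checkedReverted) {
        RecordingHook a = new RecordingHook();
        RecordingHook b = new RecordingHook();
        HookSlot slot = new HookSlot();
        slot.install(address(a));
        slot.uninstallUnchecked(address(b), "");
        // A is gone from the slot, yet A.onUninstall never ran.
        uncheckedClearedA = slot.hook() == address(0) && !a.uninstalled();
        slot.install(address(a));
        try slot.uninstallChecked(address(b), "") {} catch {
            // The revert rolled back the call, so A is still the active hook.
            checkedReverted = slot.hook() == address(a);
        }
    }
}
```
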
Updates

Lead Judging Commences

0xnevi Lead Judge 12 months ago
Submission Judgement Published
Invalidated
Reason: Out of scope

Appeal created

0xtheblackpanther Submitter
12 months ago
0xnevi Lead Judge
12 months ago
0xtheblackpanther Submitter
12 months ago
0xnevi Lead Judge
12 months ago
0xnevi Lead Judge 11 months ago
Submission Judgement Published
Invalidated
Reason: Out of scope
