Incorrect memory assignment fails to update originOfferInfo.abortOfferStatus properly in listOffer() function
Summary
Variable originOfferInfo.abortOfferStatus not updated properly (in storage) due to a faulty memory assignment when retrieving originOfferInfo from storage mapping.
Vulnerability Details
The variable is only changed in memory - not in storage - so the update is not stored properly.
Impact
abortOfferStatus of Turbo offers is not properly stored on-chain. This can cause some checks to pass correctly even though they should not.
Tools Used
Manual review
Recommendations
Change memory assignment of variable to storage:
Lead Judging Commences
finding-PreMarkets-listOffer-originIOfferInfo-storage-memory
Valid high severity, because the `abortOfferStatus` of the offer is not updated and persist through `storage` when listing an offer for turbo mode within the `offerInfoMap` mapping, it allows premature abortion given the `abortOfferStatus` defaults to `Initialized`, allowing the bypass of this [check](https://github.com/Cyfrin/2024-08-tadle/blob/04fd8634701697184a3f3a5558b41c109866e5f8/src/core/PreMarkets.sol#L552-L557) here and allow complete refund of initial collateral + stealing of trade tax which can potentially be gamed for profits using multiple addresses
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.