Christmas Dinner
First Flight #31
Beginner FriendlyFoundrySolidity
100 EXP
View results
Previous Next
Submission Details
Severity: high
Valid

modifier nonReentrant()

hawks

Summary

The locked variable is being handled incorrect within the modifier.

modifier nonReentrant() {
require(!locked, "No re-entrancy");
_;
locked = false;
}

Vulnerability Details

The value of locked is set to false after the function code _ is executed, this create an opportunity for a re-entrancy attack. After the function code is executed, the locked = false; is executed, which means the locked flag is reset after the function code completes.

Impact

An external contract can call back to the function locked because is set to false.

Scenario:

  1. First Call: User calls a function.

  2. The require(!locked) check passes, and the function starts executing (because locked is initially false).

  3. Re-entry: If the function interact with another contract that calls back into the function, the check passes becasue the locked is updating at the end of the function execution.

Tools Used

Manual review

Recommendations

Set locked to true before executing the function.

modifier nonReentrant() {
require(!locked, "No re-entrancy");
locked = true;
_;
locked = false;
}
Updates

Lead Judging Commences

0xtimefliez Lead Judge about 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

mutex lock incomplete

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!