The buyOrder function uses call for Ether transfers. call is generally safe, but it introduces risk when its result is not handled carefully: if the recipient is a malicious contract, it can consume excessive gas or revert, potentially disrupting the protocol.
The buyOrder function uses call to transfer Ether to the seller and to the contract owner. While call is flexible and accepts arbitrary calldata, it forwards all remaining gas rather than imposing a limit, so a recipient contract with an expensive fallback or receive function can exhaust the transaction's gas. The transaction then fails with an out-of-gas error, and the contract can be left in an inconsistent state.
Medium Impact: Funds could be at risk if the recipient is a malicious contract.
Transaction Failure: The transaction could fail due to out-of-gas errors, leaving the contract in an inconsistent state.
Reentrancy Risk: If the recipient is a malicious contract, it could exploit the call to perform a reentrancy attack.
Slither, Foundry
To mitigate these risks, consider using transfer or send for small Ether transfers, or imposing an explicit gas limit on call. For example:
Option 1: Use transfer (limited to 2300 gas)
Option 2: Use call with a gas limit
Additional Considerations:
Use OpenZeppelin's ReentrancyGuard to prevent reentrancy attacks.
Emit events for failed transfers to improve transparency and debugging.
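The following contract is an added illustration of Option 2 together with both additional considerations; it is not the audited protocol's code. The order struct, the fee in basis points, the 30,000 gas stipend and the pendingWithdrawals fallback are assumptions made for the example. One caveat on Option 1: transfer reverts on failure and its fixed 2300 gas stipend is not enough for recipients whose receive function does more than log an event (many smart-contract wallets), so a seller using such a wallet could never be paid. Bounding the gas on call and recording failed payouts for a later pull keeps a hostile or expensive recipient from blocking the purchase while still surfacing the failure through an event.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// OpenZeppelin v5 path; in v4 the file lives under security/ReentrancyGuard.sol.
import "@openzeppelin/contracts/utils/ReentrancyGuard.sol";

/// Added example, not the audited contract. Order storage, fee logic and
/// ownership are simplified assumptions so the payout path can be shown whole.
contract BuyOrderExample is ReentrancyGuard {
    struct Order {
        address seller;
        uint256 price;
        bool active;
    }

    address public immutable owner;
    uint256 public constant FEE_BPS = 250;         // 2.5% protocol fee (assumed)
    uint256 public constant TRANSFER_GAS = 30_000; // gas forwarded per payout (assumed)

    mapping(uint256 => Order) public orders;
    // Ether whose push transfer failed, claimable by the intended recipient.
    mapping(address => uint256) public pendingWithdrawals;

    event OrderFilled(uint256 indexed orderId, address indexed buyer, uint256 price);
    event TransferFailed(address indexed to, uint256 amount);

    constructor() {
        owner = msg.sender;
    }

    function createOrder(uint256 orderId, uint256 price) external {
        require(!orders[orderId].active, "order exists");
        orders[orderId] = Order(msg.sender, price, true);
    }

    /// Option 2 from the recommendation: call with a gas limit, guarded by
    /// ReentrancyGuard so a recipient cannot re-enter buyOrder during payout.
    function buyOrder(uint256 orderId) external payable nonReentrant {
        Order memory order = orders[orderId];
        require(order.active, "inactive order");
        require(msg.value == order.price, "wrong price");

        // Effects before interactions: the order is closed before any Ether leaves.
        orders[orderId].active = false;

        uint256 fee = (msg.value * FEE_BPS) / 10_000;
        _payout(owner, fee);
        _payout(order.seller, msg.value - fee);

        emit OrderFilled(orderId, msg.sender, msg.value);
    }

    /// Forwards a fixed gas stipend. A recipient that reverts or burns its
    /// stipend only fails its own payout: the amount is parked for a pull
    /// withdrawal and the failure is logged, so the purchase itself completes.
    function _payout(address to, uint256 amount) internal {
        if (amount == 0) return;
        (bool ok, ) = payable(to).call{value: amount, gas: TRANSFER_GAS}("");
        if (!ok) {
            pendingWithdrawals[to] += amount;
            emit TransferFailed(to, amount);
        }
    }

    /// Pull path for parked funds (an addition beyond the finding's text).
    function withdrawPending() external nonReentrant {
        uint256 amount = pendingWithdrawals[msg.sender];
        require(amount > 0, "nothing to withdraw");
        pendingWithdrawals[msg.sender] = 0;
        (bool ok, ) = payable(msg.sender).call{value: amount}("");
        require(ok, "withdraw failed");
    }
}
```

Because the state change (deactivating the order) happens before either payout and the function is nonReentrant, a recipient that re-enters finds the order already inactive and the guard already set. The TransferFailed event gives monitoring a direct signal whenever a seller or the owner could not be paid by push.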