Although the function is only called by the owner, the function has a potential issue of reentering.
The burnProfile
function does not follow the Checks-Effects-Interactions (CEI) pattern properly. The _burn(tokenId)
call, which may involve external interactions (depending on how the base ERC721 implementation is structured), occurs before state variables are updated. This could leave the contract in an inconsistent state if a reentrant call is made during execution.
Rearrange the function logic so that all state changes occur before the external _burn
call. The following corrected implementation ensures compliance with CEI:
Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelyhood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.