InheritanceManager::non-reentrant()
is a low-level implementation of a reentrancy lock using transient storage. This modifier is implemented incorrectly as it uses the wrong storage slot to decide if the function has been previously entered. These functions include sendETH()
, contractInteractions()
and sendERC20
. All three of these are protected by onlyOwner, but they are not non-Reentrant.
None of the functions with nonReentrant()
modifier are protected from reentrancy. They are protected from unauthorized calls, which reduces the impact of this bug.
Add the following to InheritanceManager.t.sol and run tests.
Expected result:
Bug fix:
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.