NestedFactory._decreaseHoldingAmount needs explicit amount control for spending reserve
code423n4 commented
Handle
hyh
Vulnerability details
Impact
Using uint256 safe operations for business logic leads to less clear code, potentially hiding issues.
Proof of Concept
_decreaseHoldingAmount doesn't check the amount, doing the subtraction right away:
https://github.com/code-423n4/2021-11-nested/blob/main/contracts/NestedFactory.sol#L514
Recommended Mitigation Steps
Add amount control:
require(holding.amount >= _amount, "Overspent");
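As an added illustration of the two forms side by side (example code, not the Nested Finance contract; the Holding struct, the holdings mapping and the function names are assumptions standing in for the real layout):

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Illustration only. The Holding struct, the holdings mapping and the
// function names are assumed; they are not NestedFactory's definitions.
contract HoldingsExample {
    struct Holding {
        address token;
        uint256 amount;
    }

    mapping(bytes32 => mapping(address => Holding)) private holdings;

    // Pattern the issue flags: the subtraction is only safe because 0.8.x
    // checked arithmetic reverts on underflow with Panic(0x11). The invariant
    // "never spend more than is held" is not visible at the point of the
    // state change and the revert carries no message.
    function _decreaseImplicit(bytes32 nftId, address token, uint256 amount) internal {
        holdings[nftId][token].amount -= amount;
    }

    // Recommended form: the precondition is stated where the state changes,
    // so it holds regardless of what callers validated earlier, and a failure
    // reverts with Error("Overspent") instead of an anonymous panic.
    function _decreaseExplicit(bytes32 nftId, address token, uint256 amount) internal {
        Holding storage holding = holdings[nftId][token];
        require(holding.amount >= amount, "Overspent");
        holding.amount -= amount;
    }
}
```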
maximebrugel commented
The amount is already checked in _transferInputTokens
alcueca commented
Checking data integrity in a previous function is not a great practice. The issue is valid.