Return values of transfer()/transferFrom() not checked
code423n4 opened this issue · 11 comments
Lines of code
Vulnerability details
Not all `IERC20` implementations `revert()` when there's a failure in `transfer()`/`transferFrom()`. The function signature has a `boolean` return value and they indicate errors that way instead. By not checking the return value, operations that should have been marked as failed may potentially go through without actually making a payment.
File: contracts/option-airdrop/AirdropBroker.sol

```solidity
// lines 377-380
paymentToken.transfer(
    paymentTokenBeneficiary,
    paymentToken.balanceOf(address(this))
);

// lines 509-513
_paymentToken.transferFrom(
    msg.sender,
    address(this),
    discountedPaymentAmount
);
```

File: contracts/options/TapiocaOptionBroker.sol

```solidity
// lines 491-494
paymentToken.transfer(
    paymentTokenBeneficiary,
    paymentToken.balanceOf(address(this))
);

// lines 530-534
_paymentToken.transferFrom(
    msg.sender,
    address(this),
    discountedPaymentAmount
);
```

File: contracts/tokens/LTap.sol

```solidity
// line 42
tapToken.transferFrom(msg.sender, address(this), amount);

// line 50
tapToken.transfer(msg.sender, amount);
```
Assessed type
other
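The following is an added example, not code from the audited repository or from the report's author: it puts the unchecked `transferFrom()` pattern quoted above next to a checked variant, using a constructed token that returns `false` instead of reverting. `FalseReturningToken`, `DepositSketch`, `credited` and `_safeTransferFrom` are hypothetical names; the checked path follows the same rule as OpenZeppelin's `SafeERC20` (revert on a failed call or a `false` return, accept tokens that return no data).

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;

interface IERC20 {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Constructed token: signals failure with `false` instead of reverting.
contract FalseReturningToken {
    mapping(address => uint256) public balanceOf;
    mapping(address => mapping(address => uint256)) public allowance;

    function mint(address to, uint256 amount) external { balanceOf[to] += amount; }
    function approve(address s, uint256 a) external returns (bool) { allowance[msg.sender][s] = a; return true; }
    function transferFrom(address from, address to, uint256 amount) external returns (bool) {
        if (balanceOf[from] < amount || allowance[from][msg.sender] < amount) return false;
        allowance[from][msg.sender] -= amount;
        balanceOf[from] -= amount;
        balanceOf[to] += amount;
        return true;
    }
}

// Hypothetical contract; names are illustrative, not from the audited code.
contract DepositSketch {
    IERC20 public immutable token;
    mapping(address => uint256) public credited;

    constructor(IERC20 token_) { token = token_; }

    // Pattern from the report: the bool is discarded, so a failed pull still credits the caller.
    function depositUnchecked(uint256 amount) external {
        token.transferFrom(msg.sender, address(this), amount);
        credited[msg.sender] += amount;
    }

    // Checked variant: the whole deposit reverts unless the token actually moved.
    function depositChecked(uint256 amount) external {
        _safeTransferFrom(msg.sender, address(this), amount);
        credited[msg.sender] += amount;
    }

    function _safeTransferFrom(address from, address to, uint256 amount) private {
        require(address(token).code.length > 0, "token: not a contract");
        (bool ok, bytes memory ret) = address(token).call(abi.encodeWithSelector(IERC20.transferFrom.selector, from, to, amount));
        require(ok && (ret.length == 0 || abi.decode(ret, (bool))), "token: transferFrom failed");
    }
}
```

With `DepositSketch` deployed against `FalseReturningToken`, a caller holding no tokens and no allowance ends `depositUnchecked(100)` with `credited` equal to 100 and no tokens moved, while `depositChecked(100)` reverts.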