Lines of code
<https://github.com/code-423n4/2022-11-looksrare/blob/e3b2c053f722b0ca2dce3a3eb06f64859b8b7a6f/contracts/lowLevelCallers/LowLevelERC20Transfer.sol#L46-L57>
<https://github.com/code-423n4/2022-11-looksrare/blob/e3b2c053f722b0ca2dce3a3eb06f64859b8b7a6f/contracts/lowLevelCallers/LowLevelERC20Approve.sol#L20-L31>
<https://github.com/code-423n4/2022-11-looksrare/blob/e3b2c053f722b0ca2dce3a3eb06f64859b8b7a6f/contracts/ERC20EnabledLooksRareAggregator.sol#L35>
<https://github.com/code-423n4/2022-11-looksrare/blob/e3b2c053f722b0ca2dce3a3eb06f64859b8b7a6f/contracts/ERC20EnabledLooksRareAggregator.sol#L42>
<https://github.com/code-423n4/2022-11-looksrare/blob/e3b2c053f722b0ca2dce3a3eb06f64859b8b7a6f/contracts/LooksRareAggregator.sol#L108>
<https://github.com/code-423n4/2022-11-looksrare/blob/e3b2c053f722b0ca2dce3a3eb06f64859b8b7a6f/contracts/LooksRareAggregator.sol#L245>
The functions _executeERC20DirectTransfer and _executeERC20TransferFrom replicate the solmate library methods. The problem is that these functions do not check for the existence of code at the token address.
If _executeERC20DirectTransfer or _executeERC20TransferFrom is called on a token address that does not have a contract deployed at it, the low-level call will always return success with empty return data, bypassing the return value check.
These functions affect:
The problem is similar to the one reported in the OlympusDAO contest. Also check [frangio]'s answer on the OpenZeppelin forum.
Check the contract code length to verify that the currency is in fact a contract.
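As an added illustration (not the LooksRare code under review), the following contract shows the low-level transferFrom pattern described above beside a hardened variant that adds the code-length check; the contract name, function names and custom errors are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

interface IERC20 {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

/// @notice Hypothetical example contrasting a low-level ERC20 transferFrom
///         without and with a check that `currency` actually holds code.
contract LowLevelERC20Example {
    error ERC20TransferFromFail();
    error NotAContract();

    /// @dev Vulnerable pattern: a low-level call to an address with no code
    ///      returns status == true and empty returndata, so the boolean
    ///      return-value check below is skipped and no tokens move.
    function _unsafeTransferFrom(address currency, address from, address to, uint256 amount) internal {
        (bool status, bytes memory data) = currency.call(
            abi.encodeWithSelector(IERC20.transferFrom.selector, from, to, amount)
        );
        if (!status) revert ERC20TransferFromFail();
        // data.length == 0 for an EOA or undeployed address: passes silently
        if (data.length > 0 && !abi.decode(data, (bool))) revert ERC20TransferFromFail();
    }

    /// @dev Hardened pattern: refuse to treat an empty return as success
    ///      unless `currency` is a deployed contract (code.length > 0).
    function _safeTransferFrom(address currency, address from, address to, uint256 amount) internal {
        if (currency.code.length == 0) revert NotAContract();
        (bool status, bytes memory data) = currency.call(
            abi.encodeWithSelector(IERC20.transferFrom.selector, from, to, amount)
        );
        if (!status) revert ERC20TransferFromFail();
        if (data.length > 0 && !abi.decode(data, (bool))) revert ERC20TransferFromFail();
    }

    // Public wrappers so both paths can be exercised from a test harness.
    function unsafeTransferFrom(address currency, address from, address to, uint256 amount) external {
        _unsafeTransferFrom(currency, from, to, amount);
    }

    function safeTransferFrom(address currency, address from, address to, uint256 amount) external {
        _safeTransferFrom(currency, from, to, amount);
    }
}
```

Calling unsafeTransferFrom with an address that holds no code completes without reverting, while safeTransferFrom reverts with NotAContract.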