Missing nonReentrant modifiers #16

code423n4 · 2021-06-22T15:15:59Z

Handle

pauliax

Vulnerability details

Impact

I expect to see nonReentrant on functions with external calls (e.g. moving tokens). Here is a list (it may not be complete) of functions that do not have this modifier:
Contract SushiYieldSource functions supplyTokenTo, redeemToken. Contract IdleYieldSource function sponsor. Contract BadgerYieldSource functions supplyTokenTo, redeemToken. Contract ATokenYieldSource function sponsor.

Recommended Mitigation Steps

Add nonReentrant modifier to the functions that interact with external actors.

asselstine · 2021-06-24T23:05:14Z

See #119

dmvt · 2021-07-31T18:00:57Z

dropping this to a level 1 since no threat is actually defined and the other duplicate issues all agree this is a low risk

dmvt · 2021-07-31T18:01:17Z

duplicate of #119

code423n4 added 2 (Med Risk) bug Something isn't working labels Jun 22, 2021

code423n4 added a commit that referenced this issue Jun 22, 2021

pauliax issue #16

382647d

asselstine closed this as completed Jun 24, 2021

asselstine added the duplicate This issue or pull request already exists label Jun 24, 2021

dmvt added 1 (Low Risk) and removed 2 (Med Risk) labels Jul 31, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Missing nonReentrant modifiers #16

Missing nonReentrant modifiers #16

code423n4 commented Jun 22, 2021

asselstine commented Jun 24, 2021

dmvt commented Jul 31, 2021

dmvt commented Jul 31, 2021

Missing nonReentrant modifiers #16

Missing nonReentrant modifiers #16

Comments

code423n4 commented Jun 22, 2021

Handle

Vulnerability details

Impact

Recommended Mitigation Steps

asselstine commented Jun 24, 2021

dmvt commented Jul 31, 2021

dmvt commented Jul 31, 2021