ProtocolDAO.upgradeExistingContract
does not perform the upgrade correctly.
#542
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
downgraded by judge
Judge downgraded the risk level of this issue
duplicate-742
satisfactory
satisfies C4 submission criteria; eligible for awards
Lines of code
https://github.com/code-423n4/2022-12-gogopool/blob/main/contracts/contract/ProtocolDAO.sol#L209-L216
Vulnerability details
Impact
The
ProtocolDAO.upgradeExistingContract
is intended to register a new contract in protocol and unregister the old contract. It essentially combinedregisterContract
andunregisterContract
function calls in a single call.According to its implementation it can be seen that it first registers the new contract and then unregisters the old one. This sequence causes issues if the new and old name of the contract is same. In that case the storage values gets messed up.
Proof of Concept
In the test case above, the
newAddr
address value points to "Oracle" string but the "Oracle" string points to null address.Tools Used
Manual review
Recommended Mitigation Steps
Consider performing unregistering the old contract before registering the new one or consider validating that new and old contract names cannot be same.
The text was updated successfully, but these errors were encountered: