Malicious pausing the contract #719
Comments
code423n4
added
3 (High Risk)
|
Honestly I'm really impressed by the submission, however I think the quote: shows that the likelihood of this happening is extremely small, the base mint will cost between 20k and 40k gas, and each instance of the loop should roughly cost 5k, with the minting instance costing around 5k + up to 50k From basic napkin math this is actually surprisingly possible However I believe the odds of this happening are extremely low as you'd need to have at least 20 tokens being minted to founders I think Med is more appropriate for now, I really like the catch of the OOG exploit, however I may have to downgrade further as the worst case scenario being pausing is not impactful |
GalloDaSballo
added
2 (Med Risk)
|
I believe the finding to be valid and Medium Severity as the conditions are non-trivial, but the impact is Denial of Service which can be triggered predictably given the circumnstances |
iainnash
added
the
sponsor confirmed
|
@GalloDaSballo @iainnash This was intentionally not catching out-of-gas errors in the Nouns contract this code is based on. (credit to @solimander) |
|
@davidbrai Thank you for the clarification, I have ran my own sim and must agree with you. Errors of the type:
Will not be caught by the Catch Statement. I have to agree with you that I should have disputed this report for lacking a specific POC and the POC I wrote indicates that it is invalid. I'd like to flag that the POC I wrote seems to suggest that the function will not catch custom errors as well, meaning that as far as I can tell, the custom errors will not be caught. POC follows (can be quickly setup using the excellent: https://github.com/0xKitsune/gas-lab) // SPDX-License-Identifier: UNLICENSED
pragma solidity 0.8.13;
import "../../lib/test.sol";
import "../../lib/Console.sol";
enum Values {
First,
Second
}
contract Exploit is DSTest {
Reverter testC;
function testExploit() public {
testC = new Reverter();
try testC.doTheRevertingThing{gas: 123}() returns (uint256) {
} catch Error(string memory) {
return;
}
require(false, "Did not catch");
}
}
contract Reverter {
error INVALID_APPROVAL();
function doTheRevertingThing() external returns (uint256){
revert INVALID_APPROVAL();
return 123;
}
}
I apologize for the mistake and hope it didn't cause needless refactorings. The site is looking great, wish you the best with the product! |
Lines of code
https://github.com/code-423n4/2022-09-nouns-builder/blob/7e9fddbbacdd7d7812e912a369cfd862ee67dc03/src/auction/Auction.sol#L204
https://github.com/code-423n4/2022-09-nouns-builder/blob/7e9fddbbacdd7d7812e912a369cfd862ee67dc03/src/auction/Auction.sol#L206
https://github.com/code-423n4/2022-09-nouns-builder/blob/7e9fddbbacdd7d7812e912a369cfd862ee67dc03/src/auction/Auction.sol#L235
Vulnerability details
Vulnerability details
Description
There is a function
_createAuctioninAuctioncontract.It consist the following logic:
According to the EIP-150
callopcode can consume as most63/64of parrent calls' gas. That meanstoken.mint()can fail since there will be no gas.All in all, if
token.mint()fail on gas and the rest gas is enough for pausing the contract by calling_pauseincatchstatement the contract will be paused.Please note, that a bug can be exploitable if the token.mint() consume more than 1.500.000 of gas, because 1.500.000 / 64 > 20.000 that need to pause the contract. Also, the logic of
token.mint()includes traversing the array up to 100 times, that's heavy enough to reach 1.500.000 gas limit.Impact
Contract can be paused by any user by passing special amount of gas for the call of
settleCurrentAndCreateNewAuction(which consists of two internal calls of_settleAuctionand_createAuctionfunctions).Recommended Mitigation Steps
Add a special check for upper bound of
gasLeftat start of_createAuctionfunction.The text was updated successfully, but these errors were encountered: