-
Notifications
You must be signed in to change notification settings - Fork 0
endTime can be before startTime #160
Copy link
Copy link
Open
Labels
1 (Low Risk)Assets are not at risk. State handling, function incorrect as to spec, issues with commentsAssets are not at risk. State handling, function incorrect as to spec, issues with commentsbugSomething isn't workingSomething isn't workingresolvedFinding has been patched by sponsor (sponsor pls link to PR containing fix)Finding has been patched by sponsor (sponsor pls link to PR containing fix)sponsor confirmedSponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
Description
Metadata
Metadata
Assignees
Labels
1 (Low Risk)Assets are not at risk. State handling, function incorrect as to spec, issues with commentsAssets are not at risk. State handling, function incorrect as to spec, issues with commentsbugSomething isn't workingSomething isn't workingresolvedFinding has been patched by sponsor (sponsor pls link to PR containing fix)Finding has been patched by sponsor (sponsor pls link to PR containing fix)sponsor confirmedSponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
Handle
samruna
Vulnerability details
https://github.com/code-423n4/2022-01-openleverage/blob/main/openleverage-contracts/contracts/OLETokenLock.sol#L66
In the above code, there is no check to see if endTime is before startTime. Due to this past beneficiaries can be transferred additional tokens
Action:
check if endTime if always in future.