Skip to content

Reentrancy in oToken.addERC20CollateralOption(uint256,uint256,address) (oToken.sol#160-167) #156

Description

Reentrancy in oToken.addERC20CollateralOption(uint256,uint256,address) (oToken.sol#160-167):
External calls:
- addERC20Collateral(msg.sender,amtCollateral) (oToken.sol#165)
- require(bool,string)(collateral.transferFrom(msg.sender,address(this),amt),Could not transfer in collateral tokens) (OptionsContract.sol#362-365)
State variables written after the call(s):
- issueOTokens(amtToCreate,receiver) (oToken.sol#166)
- _balances[account] = _balances[account].add(amount) (@openzeppelin/contracts/token/ERC20/ERC20.sol#176)
- issueOTokens(amtToCreate,receiver) (oToken.sol#166)
- _totalSupply = _totalSupply.add(amount) (@openzeppelin/contracts/token/ERC20/ERC20.sol#175)

Apply the check-effects-interactions pattern.

Metadata

Metadata

Assignees

No one assigned

    Labels

    cryticCreate by crytic security report

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions