This repository has been archived by the owner on May 26, 2023. It is now read-only.

Lambda - Overdue balances cannot be paid back #63

Closed
sherlock-admin opened this issue Nov 4, 2022 · 0 comments


sherlock-admin commented Nov 4, 2022

Lambda

medium

Overdue balances cannot be paid back

Summary

UserManager.updateFrozenInfo is only callable by the Comptroller, but not by the UToken.

Vulnerability Detail

UserManager.updateFrozenInfo has the modifier onlyComptroller, which restricts it to calls from the Comptroller (and reverts otherwise). However, the function is also called within UToken when an overdue balance is paid back:

```solidity
if (isOverdue) {
    // For borrowers that are paying back overdue balances we need to update their
    // frozen balance and the global total frozen balance on the UserManager
    IUserManager(userManager).updateFrozenInfo(borrower, 0);
}
```

Note that the tests do not catch this because a mock user manager is used that does not have this modifier for the updateFrozenInfo function.

Impact

Whenever a user wants to pay back an overdue balance, the call will revert. It is therefore impossible for users to pay back their overdue balances.

Code Snippet

https://github.com/sherlock-audit/2022-10-union-finance/blob/main/union-v2-contracts/contracts/market/UToken.sol#L624

Tool used

Manual Review

Recommendation

Also allow calls from the UToken.

Duplicate of #133
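As an added illustration that is not part of this report or of Union's code base, a reduced UserManager shows the onlyComptroller gate the report describes beside the widened modifier its recommendation calls for, with a stub market contract making the same call as the snippet above; every name other than updateFrozenInfo, comptroller and uToken is assumed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Constructed illustration, not Union's contracts: only updateFrozenInfo,
// comptroller and uToken are names taken from the report; the rest is assumed.
contract UserManager {
    address public immutable comptroller;
    address public uToken;
    mapping(address => uint256) public frozenBalance;
    uint256 public totalFrozen;

    constructor(address _comptroller) { comptroller = _comptroller; }

    // The UToken is deployed after the UserManager, so the Comptroller registers it here.
    function setUToken(address _uToken) external onlyComptroller { uToken = _uToken; }

    // The modifier the report describes: every caller except the Comptroller,
    // including the UToken market contract, reverts here.
    modifier onlyComptroller() {
        require(msg.sender == comptroller, "UserManager: !comptroller");
        _;
    }

    // The recommended fix: the market contract is an authorised caller too.
    modifier onlyComptrollerOrUToken() {
        require(msg.sender == comptroller || msg.sender == uToken, "UserManager: !authorized");
        _;
    }

    // Putting onlyComptroller back on this function reproduces the bug:
    // UToken.repayOverdue below then reverts on every overdue repayment.
    function updateFrozenInfo(address borrower, uint256 newFrozen) external onlyComptrollerOrUToken {
        totalFrozen = totalFrozen - frozenBalance[borrower] + newFrozen;
        frozenBalance[borrower] = newFrozen;
    }
}

// Stand-in for the UToken market: repaying an overdue balance clears the
// borrower's frozen amount, which is the call site the report points at.
contract UToken {
    UserManager public immutable userManager;

    constructor(UserManager _userManager) { userManager = _userManager; }

    function repayOverdue(address borrower) external {
        userManager.updateFrozenInfo(borrower, 0); // msg.sender seen by UserManager is this contract
    }
}
```

A unit test that exercises this path against the real UserManager rather than a mock without the modifier is what would have caught the revert.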
