addFunds can be added on cancelOffer.

Summary

as there in cancelOffer we are canceling the offer but we can still call the addFunds to add funds to that offer.

Root Cause

https://github.com/sherlock-audit/2024-11-debita-finance-v3/blob/main/Debita-V3-Contracts/contracts/DebitaLendOffer-Implementation.sol#L162

function addFunds(uint amount) public nonReentrant { require( msg.sender == lendInformation.owner || IAggregator(aggregatorContract).isSenderALoan(msg.sender), "Only owner or loan" ); SafeERC20.safeTransferFrom( IERC20(lendInformation.principle), msg.sender, address(this), amount ); lendInformation.availableAmount += amount; IDLOFactory(factoryContract).emitUpdate(address(this)); }

There is no check to see whether the offer has already been cancelled or not.

Internal pre-conditions

No response

External pre-conditions

No response

Attack Path

No response

Impact

No response

PoC

No response

Mitigation

while calling the addFunds check for the offer is not cancelled.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

042.md

042.md

addFunds can be added on cancelOffer.

Summary

Root Cause

Internal pre-conditions

External pre-conditions

Attack Path

Impact

PoC

Mitigation

Files

042.md

Latest commit

History

042.md

File metadata and controls

addFunds can be added on cancelOffer.

Summary

Root Cause

Internal pre-conditions

External pre-conditions

Attack Path

Impact

PoC

Mitigation