Decent Sepia Caterpillar
High
User may lose funds when executing user operation due to that msg.value is ignored
fallback() external payable {
LibDiamond.DiamondStorage storage ds;
bytes32 position = LibDiamond.DIAMOND_STORAGE_POSITION;
// get diamond storage
assembly {
ds.slot := position
}
// get facet from function selector
address facet = ds.facetAddressAndSelectorPosition[msg.sig].facetAddress;
require(facet != address(0), "Diamond: Function does not exist");
// Execute external function from facet using delegatecall and return any value.
assembly {
// copy function selector and any arguments
calldatacopy(0, 0, calldatasize())
// execute function call using the facet
let result := delegatecall(gas(), facet, 0, calldatasize(), 0, 0)
// get any return value
returndatacopy(0, 0, returndatasize())
// return any return value or error back to the caller
switch result
case 0 {
revert(0, returndatasize())
}
default {
return(0, returndatasize())
}
}When a function is called with Ether, the above fallback() function is triggered, but it doesn't forward the sent Ether to the target facet. This means that any function expecting to receive Ether will not actually receive it
No response
No response
No response
users will loose funds
No response
Handle msg.value properly
if iszero(call(gas(), handler, callvalue(), 0, add(calldatasize(), 20), 0, 0)) { }