fix bugs caused by c4 removing _data/findings.csv

results/bugs.csv

@@ -90,7 +90,7 @@ Contest ID, Bug ID, Bug Label, Difficulty, Bug Description, Reference, Comment
 20, H-01, O6, 1, "SynthVault withdraw forfeits rewards", https://code4rena.com/reports/2021-07-spartan#h-01-synthvault-withdraw-forfeits-rewards, ""
 20, H-02, SC, 5, "Pool.sol & Synth.sol: Failing Max Value Allowance", https://code4rena.com/reports/2021-07-spartan#h-02-poolsol--synthsol-failing-max-value-allowance, ""
 20, H-03, L8, 11, "Result of transfer / transferFrom not checked", https://code4rena.com/reports/2021-07-spartan#h-03-result-of-transfer--transferfrom-not-checked, ""
-20, H-04, O5, 2, "Members lose SPARTA tokens in removeLiquiditySingle()", https://code4rena.com/reports/2021-07-spartan#h-04-members-lose-sparta-tokens-in-removeliquiditysingle, ""
+20, H-04, O5, 3, "Members lose SPARTA tokens in removeLiquiditySingle()", https://code4rena.com/reports/2021-07-spartan#h-04-members-lose-sparta-tokens-in-removeliquiditysingle, ""
 20, H-05, S1-1, 2, "Synth realise is vulnerable to flash loan attacks", https://code4rena.com/reports/2021-07-spartan#h-05-synth-realise-is-vulnerable-to-flash-loan-attacks, ""
 20, H-06, S1-1, 1, "SynthVault rewards can be gamed", https://code4rena.com/reports/2021-07-spartan#h-06-synthvault-rewards-can-be-gamed, ""
 20, H-07, S1-2, 2, "Missing slippage checks", https://code4rena.com/reports/2021-07-spartan#h-07-missing-slippage-checks, ""
@@ -130,7 +130,7 @@ Contest ID, Bug ID, Bug Label, Difficulty, Bug Description, Reference, Comment
 27, H-02, O4, 1, "Freeze Bridge via Non-UTF8 Token Name/Symbol/Denom", https://code4rena.com/reports/2021-08-gravitybridge#h-02-freeze-bridge-via-non-utf8-token-namesymboldenom, ""
 27, H-03, O4, 1, "Freeze The Bridge Via Large ERC20 Names/Symbols/Denoms", https://code4rena.com/reports/2021-08-gravitybridge#h-03-freeze-the-bridge-via-large-erc20-namessymbolsdenoms, ""
 27, H-04, O4, 1, "Large Validator Sets/Rapid Validator Set Updates May Freeze the Bridge or Relayers", https://code4rena.com/reports/2021-08-gravitybridge#h-04-large-validator-setsrapid-validator-set-updates-may-freeze-the-bridge-or-relayers, ""
-28, H-01, SE-2, 4, "PostAuctionLauncher.sol#finalize() Adding liquidity to an existing pool may allows the attacker to steal most of the tokens", https://code4rena.com/reports/2021-09-sushimiso#h-01-postauctionlaunchersolfinalize-adding-liquidity-to-an-existing-pool-may-allows-the-attacker-to-steal-most-of-the-tokens, ""
+28, H-01, SE-2, 3, "PostAuctionLauncher.sol#finalize() Adding liquidity to an existing pool may allows the attacker to steal most of the tokens", https://code4rena.com/reports/2021-09-sushimiso#h-01-postauctionlaunchersolfinalize-adding-liquidity-to-an-existing-pool-may-allows-the-attacker-to-steal-most-of-the-tokens, ""
 28, H-02, SC, 1, "SushiToken transfers are broken due to wrong delegates accounting on transfers", https://code4rena.com/reports/2021-09-sushimiso#h-02-sushitoken-transfers-are-broken-due-to-wrong-delegates-accounting-on-transfers, ""
 28, H-03, SE-1, 1, "Last person to withdraw his tokens might not be able to do this, in Crowdsale (edge case)", https://code4rena.com/reports/2021-09-sushimiso#h-03-last-person-to-withdraw-his-tokens-might-not-be-able-to-do-this-in-crowdsale-edge-case, ""
 29, H-01, O5, 3, "Flash swap call back prior to transferring tokens in indexPool", https://code4rena.com/reports/2021-09-sushitrident#h-01-flash-swap-call-back-prior-to-transferring-tokens-in-indexpool, ""
@@ -191,8 +191,8 @@ Contest ID, Bug ID, Bug Label, Difficulty, Bug Description, Reference, Comment
 38, H-04, SC, 1, "QuickAccManager Smart Contract signature verification can be exploited", https://code4rena.com/reports/2021-10-ambire#h-04-quickaccmanager-smart-contract-signature-verification-can-be-exploited, ""
 39, H-01, L8, 11, "Unsafe handling of underlying tokens", https://code4rena.com/reports/2021-09-swivel#h-01-unsafe-handling-of-underlying-tokens, ""
 39, H-02, S6-4, 2, "Swivel: Taker is charged fees twice in exitVaultFillingVaultInitiate", https://code4rena.com/reports/2021-09-swivel#h-02-swivel-taker-is-charged-fees-twice-in-exitvaultfillingvaultinitiate, ""
-39, H-03, SE-4, 1, "transferNotionalFrom doesn’t check from != to", https://code4rena.com/reports/2021-09-swivel#h-03-transfernotionalfrom-doesnt-check-from--to, ""
-39, H-04, LA, 1, "return value of 0 from ecrecover not checked", https://code4rena.com/reports/2021-09-swivel#h-04-return-value-of-0-from-ecrecover-not-checked, ""
+39, H-03, SE-4, 2, "transferNotionalFrom doesn’t check from != to", https://code4rena.com/reports/2021-09-swivel#h-03-transfernotionalfrom-doesnt-check-from--to, ""
+39, H-04, LA, 4, "return value of 0 from ecrecover not checked", https://code4rena.com/reports/2021-09-swivel#h-04-return-value-of-0-from-ecrecover-not-checked, ""
 41, H-01, SC, 1, "Bonding mechanism allows malicious user to DOS auctions", https://code4rena.com/reports/2021-10-defiprotocol#h-01-bonding-mechanism-allows-malicious-user-to-dos-auctions, ""
 42, H-01, S6-3, 2, "Vault fails to track debt correctly that leads to bad debt", https://code4rena.com/reports/2021-10-mochi#h-01-vault-fails-to-track-debt-correctly-that-leads-to-bad-debt, ""
 42, H-02, SC, 1, "FeePoolV0.sol#distributeMochi() will unexpectedly flush treasuryShare, causing the protocol fee cannot be properly accounted for and collected", https://code4rena.com/reports/2021-10-mochi#h-02-feepoolv0soldistributemochi-will-unexpectedly-flush-treasuryshare-causing-the-protocol-fee-cannot-be-properly-accounted-for-and-collected, ""
@@ -315,12 +315,12 @@ Contest ID, Bug ID, Bug Label, Difficulty, Bug Description, Reference, Comment
 64, H-06, SE-3, 10, "Rewards can be claimed multiple times", https://code4rena.com/reports/2021-12-pooltogether#h-06-rewards-can-be-claimed-multiple-times, ""
 64, H-07, SC, 4, "Contract does not work with fee-on transfer tokens", https://code4rena.com/reports/2021-12-pooltogether#h-07-contract-does-not-work-with-fee-on-transfer-tokens, ""
 65, H-01, S3-1, 1, "Wrong fee calculation after totalSupply was 0", https://code4rena.com/reports/2021-12-defiprotocol#h-01-wrong-fee-calculation-after-totalsupply-was-0, ""
-66, H-01, S5-3, 1, "receiveCollateral() can be called by anyone", https://code4rena.com/reports/2021-12-yetifinance#h-01-receivecollateral-can-be-called-by-anyone, ""
-66, H-02, S6-3, 3, "Yeti token rebase checks the additional token amount incorrectly", https://code4rena.com/reports/2021-12-yetifinance#h-02-yeti-token-rebase-checks-the-additional-token-amount-incorrectly, ""
+66, H-01, S5-3, 3, "receiveCollateral() can be called by anyone", https://code4rena.com/reports/2021-12-yetifinance#h-01-receivecollateral-can-be-called-by-anyone, ""
+66, H-02, S6-3, 1, "Yeti token rebase checks the additional token amount incorrectly", https://code4rena.com/reports/2021-12-yetifinance#h-02-yeti-token-rebase-checks-the-additional-token-amount-incorrectly, ""
 67, H-01, O3, 1, "forceUnsponsor() may open a window for attackers to manipulate the _totalShares and freeze users’ funds at a certain deposit amount", https://code4rena.com/reports/2022-01-sandclock#h-01-forceunsponsor-may-open-a-window-for-attackers-to-manipulate-the-_totalshares-and-freeze-users-funds-at-a-certain-deposit-amount, ""
 67, H-02, L1, 3, "Withdrawers can get more value returned than expected with reentrant call", https://code4rena.com/reports/2022-01-sandclock#h-02-withdrawers-can-get-more-value-returned-than-expected-with-reentrant-call, ""
 67, H-03, S1-1, 15, "Vaults with non-UST underlying asset vulnerable to flash loan attack on curve pool", https://code4rena.com/reports/2022-01-sandclock#h-03-vaults-with-non-ust-underlying-asset-vulnerable-to-flash-loan-attack-on-curve-pool, ""
-67, H-04, L1, 15, "deposit() function is open to reentrancy attacks", https://code4rena.com/reports/2022-01-sandclock#h-04-deposit-function-is-open-to-reentrancy-attacks, ""
+67, H-04, L1, 16, "deposit() function is open to reentrancy attacks", https://code4rena.com/reports/2022-01-sandclock#h-04-deposit-function-is-open-to-reentrancy-attacks, ""
 67, H-05, L1, 2, "sponsor() function in open to reentrancy attacks", https://code4rena.com/reports/2022-01-sandclock#h-05-sponsor-function-in-open-to-reentrancy-attacks, ""
 68, H-01, S3-1, 1, "Unused ERC20 tokens are not refunded, and can be stolen by attacker", https://code4rena.com/reports/2021-12-amun#h-01-unused-erc20-tokens-are-not-refunded-and-can-be-stolen-by-attacker, "forget to refund leftover tokens, i.e., missing state updates"
 68, H-02, SC, 2, "It might not be possible to withdraw tokens from the basket", https://code4rena.com/reports/2021-12-amun#h-02-it-might-not-be-possible-to-withdraw-tokens-from-the-basket, ""
@@ -490,4 +490,4 @@ Contest ID, Bug ID, Bug Label, Difficulty, Bug Description, Reference, Comment
 192, H-11, S6-4, 9, "Not enough margin pulled or burned from user when adding to a position", https://code4rena.com/reports/2022-12-tigris#h-11-not-enough-margin-pulled-or-burned-from-user-when-adding-to-a-position, ""
 193, H-01, L1, 10, "Reentrancy in buy function for ERC777 tokens allows buying funds with considerable discount", https://code4rena.com/reports/2022-12-caviar#h-01-reentrancy-in-buy-function-for-erc777-tokens-allows-buying-funds-with-considerable-discount, ""
 193, H-02, S1-2, 28, "Liquidity providers may lose funds when adding liquidity", https://code4rena.com/reports/2022-12-caviar#h-02-liquidity-providers-may-lose-funds-when-adding-liquidity, ""
-193, H-03, O3, 41, "First depositor can break minting of shares", https://code4rena.com/reports/2022-12-caviar#h-03-first-depositor-can-break-minting-of-shares, ""
+193, H-03, O3, 43, "First depositor can break minting of shares", https://code4rena.com/reports/2022-12-caviar#h-03-first-depositor-can-break-minting-of-shares, ""