fix: Fix reentrance attack in flashLoanSimple

aave · Nov 10, 2021 · 1e98320 · 1e98320
1 parent 87d738c
commit 1e98320
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 11 deletions.
diff --git a/contracts/protocol/libraries/logic/FlashLoanLogic.sol b/contracts/protocol/libraries/logic/FlashLoanLogic.sol
@@ -184,18 +184,13 @@ library FlashLoanLogic {
     DataTypes.ReserveData storage reserve,
     DataTypes.FlashloanSimpleParams memory params
   ) external {
+    ValidationLogic.validateFlashloanSimple(reserve);
     FlashLoanSimpleLocalVars memory vars;
 
-    DataTypes.ReserveCache memory reserveCache = reserve.cache();
-    reserve.updateState(reserveCache);
-
-    ValidationLogic.validateFlashloanSimple(reserveCache);
-
     vars.receiver = IFlashLoanSimpleReceiver(params.receiverAddress);
-
     vars.totalPremium = params.amount.percentMul(params.flashLoanPremiumTotal);
     vars.amountPlusPremium = params.amount + vars.totalPremium;
-    IAToken(reserveCache.aTokenAddress).transferUnderlyingTo(params.receiverAddress, params.amount);
+    IAToken(reserve.aTokenAddress).transferUnderlyingTo(params.receiverAddress, params.amount);
 
     require(
       vars.receiver.executeOperation(
@@ -211,6 +206,8 @@ library FlashLoanLogic {
     vars.premiumToProtocol = params.amount.percentMul(params.flashLoanPremiumToProtocol);
     vars.premiumToLP = vars.totalPremium - vars.premiumToProtocol;
 
+    DataTypes.ReserveCache memory reserveCache = reserve.cache();
+    reserve.updateState(reserveCache);
     reserve.cumulateToLiquidityIndex(
       IERC20(reserveCache.aTokenAddress).totalSupply(),
       vars.premiumToLP

diff --git a/contracts/protocol/libraries/logic/ValidationLogic.sol b/contracts/protocol/libraries/logic/ValidationLogic.sol
@@ -464,11 +464,11 @@ library ValidationLogic {
 
   /**
    * @notice Validates a flashloan action
-   * @param reserveCache The cached data of the reserve
+   * @param reserve The state of the reserve
    */
-  function validateFlashloanSimple(DataTypes.ReserveCache memory reserveCache) internal pure {
-    require(!reserveCache.reserveConfiguration.getPaused(), Errors.VL_RESERVE_PAUSED);
-    require(reserveCache.reserveConfiguration.getActive(), Errors.VL_NO_ACTIVE_RESERVE);
+  function validateFlashloanSimple(DataTypes.ReserveData storage reserve) internal view {
+    require(!reserve.configuration.getPaused(), Errors.VL_RESERVE_PAUSED);
+    require(reserve.configuration.getActive(), Errors.VL_NO_ACTIVE_RESERVE);
   }
 
   struct ValidateLiquidationCallLocalVars {