fix: reentrancy test

OriumNetwork · Aug 14, 2024 · b602f4d · b602f4d
1 parent f61365a
commit b602f4d
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 30 deletions.
diff --git a/contracts/mocks/ReentrancyAttack.sol b/contracts/mocks/ReentrancyAttack.sol
@@ -7,18 +7,13 @@ contract ReentrancyAttack {
     OriumSftMarketplace public marketplace;
     RentalOffer public offer;
     uint64 public duration;
-    bool public reentered = false;
 
     constructor(OriumSftMarketplace _marketplace) {
         marketplace = _marketplace;
     }
 
     receive() external payable {
-        if (!reentered && address(marketplace).balance > 0) {
-            reentered = true;
-            // Try to re-enter the marketplace
-            marketplace.acceptRentalOffer{ value: msg.value / 2 }(offer, duration);
-        }
+        marketplace.acceptRentalOffer{ value: msg.value }(offer, duration);
     }
 
     function attack(RentalOffer calldata _offer, uint64 _duration) external payable {
@@ -27,13 +22,4 @@ contract ReentrancyAttack {
 
         marketplace.acceptRentalOffer{ value: msg.value }(_offer, _duration);
     }
-
-    function attackWithRecursiveCalls(RentalOffer calldata _offer, uint64 _duration, uint times) external payable {
-        offer = _offer;
-        duration = _duration;
-
-        for (uint i = 0; i < times; i++) {
-            marketplace.acceptRentalOffer{ value: msg.value / times }(_offer, _duration);
-        }
-    }
 }
diff --git a/test/OriumSftMarketplace.test.ts b/test/OriumSftMarketplace.test.ts
@@ -731,27 +731,25 @@ describe('OriumSftMarketplace', () => {
               await marketplaceRoyalties
                 .connect(operator)
                 .setTrustedFeeTokenForToken([rentalOffer.tokenAddress], [AddressZero], [true])
-
+              rentalOffer.minDuration = duration
               rentalOffer.feeTokenAddress = AddressZero
               rentalOffer.feeAmountPerSecond = toWei('0.0000001')
               const totalFeeAmount = rentalOffer.feeAmountPerSecond * BigInt(duration)
+
               rentalOffer.nonce = `0x${randomBytes(32).toString('hex')}`
               await marketplace.connect(lender).createRentalOffer({ ...rentalOffer, commitmentId: BigInt(0) })
               rentalOffer.commitmentId = BigInt(2)
 
-              // Attempt the attack
-              try {
-                await attackContract.attack(rentalOffer, duration, { value: totalFeeAmount })
-                console.log('Reentrancy attack did not revert the transaction.')
-              } catch (error: any) {
-                if (
-                  error.message.includes('OriumSftMarketplace: Reentrancy detected or insufficient native token amount')
-                ) {
-                  console.log('Reentrancy was correctly detected.')
-                } else {
-                  console.log('The transaction failed for another reason: ', error.message)
-                }
-              }
+              await attackContract.connect(lender).attack(rentalOffer, duration, {
+                value: totalFeeAmount,
+              })
+
+              await expect(
+                borrower.sendTransaction({
+                  to: attackContract.getAddress(),
+                  value: toWei('1'),
+                }),
+              ).to.be.revertedWith('OriumSftMarketplace: This offer has an ongoing rental')
             })
 
             it('should revert on multiple reentrant calls', async () => {
@@ -772,7 +770,7 @@ describe('OriumSftMarketplace', () => {
 
               await borrower.sendTransaction({
                 to: attackContract.getAddress(),
-                value: totalFeeAmount * BigInt(6),
+                value: toWei('100'),
               })
 
               // Attempt the attack