blockworks-foundation
/
mango-v4
mirror of https://github.com/blockworks-foundation/mango-v4.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Audit fixes (#613) 

* TokenForceCloseBorrows: Respect reduce-only flag
* ForceCancelOrders: Readability of early-out condition
This commit is contained in:
Christian Kamm 2023-06-16 13:34:54 +02:00 committed by GitHub
parent c68b1b22cf
commit b5c9f6d039
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 16 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
programs/mango-v4/src/instructions/perp_liq_force_cancel_orders.rs
View File

@ -23,10 +23,10 @@ pub fn perp_liq_force_cancel_orders(
// Early return if if liquidation is not allowed or if market is not in force close // Early return if if liquidation is not allowed or if market is not in force close
// //
let liquidatable = account.check_liquidatable(&health_cache)?; let liquidatable = account.check_liquidatable(&health_cache)?;
if account.fixed.is_operational() let can_force_cancel = !account.fixed.is_operational()
&& liquidatable != CheckLiquidatable::Liquidatable || liquidatable == CheckLiquidatable::Liquidatable
&& !perp_market.is_force_close() || perp_market.is_force_close();
{ if !can_force_cancel {
return Ok(()); return Ok(());
} }

14
programs/mango-v4/src/instructions/serum3_liq_force_cancel_orders.rs
View File

@ -60,14 +60,12 @@ pub fn serum3_liq_force_cancel_orders(
let health_cache = let health_cache =
new_health_cache(&account.borrow(), &retriever).context("create health cache")?; new_health_cache(&account.borrow(), &retriever).context("create health cache")?;
{ let liquidatable = account.check_liquidatable(&health_cache)?;
let liquidatable = account.check_liquidatable(&health_cache)?; let can_force_cancel = !account.fixed.is_operational()
if account.fixed.is_operational() || liquidatable == CheckLiquidatable::Liquidatable
&& liquidatable != CheckLiquidatable::Liquidatable || serum_market.is_force_close();
&& !serum_market.is_force_close() if !can_force_cancel {
{ return Ok(());
return Ok(());
}
} }
health_cache health_cache

6
programs/mango-v4/src/instructions/token_force_close_borrows_with_token.rs
View File

@ -56,6 +56,12 @@ pub fn token_force_close_borrows_with_token(
// account constraint #2 // account constraint #2
require!(liab_bank.is_force_close(), MangoError::TokenInForceClose); require!(liab_bank.is_force_close(), MangoError::TokenInForceClose);
// We might create asset borrows, so forbid asset tokens that don't allow them.
require!(
!asset_bank.are_borrows_reduce_only(),
MangoError::TokenInReduceOnlyMode
);
// account constraint #3 // account constraint #3
// only allow combination of asset and liab token, // only allow combination of asset and liab token,
// where liqee's health would be guaranteed to not decrease // where liqee's health would be guaranteed to not decrease