Context: RescueFunderLib.sol
Severity: Low
Description:
rescueFunds is used to transfer fund from the contract. The function accepts amount
of tokens that should be rescued.
/**
* @dev Rescues funds from a contract.
* @param token_ The address of the token contract.
* @param userAddress_ The address of the user.
* @param amount_ The amount of tokens to be rescued.
*/
However, if the token to be rescued is ETH, it transfers the whole balance of the contract, instead of the requested amount.
Estimated to have a severity of Low because it fits in: Contract fails to deliver what was promised, but no one's security is affected
Recommendation:
if (token_ == ETH_ADDRESS) {
+ (bool success, ) = userAddress_.call{value: amount}(
""
);
require(