ajayss - sunsetCollection will not execute when a listing exists with very large created parameter

[sherlock-admin4]

ajayss

Medium

sunsetCollection will not execute when a listing exists with very large created parameter

Summary

collectionShutdown calls shutdown collection when the collection has to be removed from locker.sol

However it checks if pending listings exist and even if locker is paused, if a listing had very high created time, it'll not be removed and listingCount will stay non-zero

This will permanently DOS sunsetCollection from ever being called.

Root Cause

https://github.com/sherlock-audit/2024-08-flayer/blob/main/flayer/src/contracts/utils/CollectionShutdown.sol#L241

https://github.com/sherlock-audit/2024-08-flayer/blob/main/flayer/src/contracts/Listings.sol#L142

The issue comes where a listing cannot be forcibly removed when createListings is called with an impossible to reach value for created parameter for the block.timestamp

This causes Listings count to always be non-zero effectively DOSing the sunsetCollection method

    function _hasListings(address _collection) internal view returns (bool) {
        IListings listings = locker.listings();
        if (address(listings) != address(0)) {
@>            if (listings.listingCount(_collection) != 0) {
                return true;
            }
.
.
.

Internal pre-conditions

1. createListings with a listing of created parameter very higher than block.timestamp is called

External pre-conditions

No response

Attack Path

1. sunsetCollection is attempted to be called from CollectionShutdown but fails as the listingCount for the collection will always be non-zero

Impact

The collection can never be sunset

PoC

No response

Mitigation

have a limit check for the collection listing created or have a method to forcibly remove a listing from Listings.sol