Closed code423n4 closed 3 years ago
shw
When calling safeTransfer and safeTransferETH, the recipient is not checked to be non-zero explicitly, leading to loss of funds if provided as address(0) accidentally.
safeTransfer
safeTransferETH
address(0)
Referenced code: Join.sol#L79 Join.sol#L89 Ladle.sol#L468 Ladle.sol#L545 Pool.sol#L166](https://github.com/code-423n4/2021-05-yield/blob/main/contracts/yieldspace/Pool.sol#L166) Pool.sol#L176 Pool.sol#L294 Pool.sol#L372-L373 Pool.sol#L417 Pool.sol#L502 Pool.sol#L577 Pool.sol#L655 PoolRouter.sol#L169
Add non-zero checks in the above functions, e.g., require(to != address(0)).
require(to != address(0))
Duplicate with #42, I don't think this should be a contract check, but a frontend check.
duplicate of #42
Handle
shw
Vulnerability details
Impact
When calling
safeTransfer
andsafeTransferETH
, the recipient is not checked to be non-zero explicitly, leading to loss of funds if provided asaddress(0)
accidentally.Proof of Concept
Referenced code: Join.sol#L79 Join.sol#L89 Ladle.sol#L468 Ladle.sol#L545 Pool.sol#L166](https://github.com/code-423n4/2021-05-yield/blob/main/contracts/yieldspace/Pool.sol#L166) Pool.sol#L176 Pool.sol#L294 Pool.sol#L372-L373 Pool.sol#L417 Pool.sol#L502 Pool.sol#L577 Pool.sol#L655 PoolRouter.sol#L169
Recommended Mitigation Steps
Add non-zero checks in the above functions, e.g.,
require(to != address(0))
.