Handle
shw
Vulnerability details
Impact
The transferFrom function of SherXERC20 checks the _from address to be non-zero, while the _to address is not checked. Neither the _from address nor the _to address is checked for the transfer function.
Proof of Concept
Referenced code: SherXERC20.sol#L105 SherXERC20.sol#L94-L97
Recommended Mitigation Steps
Consider adding non-zero address checks for the _from and _to addresses in the internal _transfer function instead of the transfer or transferFrom functions.