code-423n4 / 2021-09-sushimiso-findings


Missing zero-address checks #45

Open code423n4 opened 3 years ago

code423n4 commented 3 years ago

Handle

0xRajeev

Vulnerability details

Impact

Missing zero-address checks are best-practice. While this is present in many places, there are also many other places where it is missing and may lead to reverts or token burn.

Proof of Concept

https://github.com/sushiswap/miso/blob/2cdb1486a55ded55c81898b7be8811cb68cfda9e/contracts/Auctions/BatchAuction.sol#L325

https://github.com/sushiswap/miso/blob/2cdb1486a55ded55c81898b7be8811cb68cfda9e/contracts/Access/MISOAccessFactory.sol#L82

https://github.com/sushiswap/miso/blob/2cdb1486a55ded55c81898b7be8811cb68cfda9e/contracts/Access/MISOAccessFactory.sol#L115

https://github.com/sushiswap/miso/blob/2cdb1486a55ded55c81898b7be8811cb68cfda9e/contracts/Farms/MISOMasterChef.sol#L116-L121

https://github.com/sushiswap/miso/blob/2cdb1486a55ded55c81898b7be8811cb68cfda9e/contracts/Farms/MISOMasterChef.sol#L375

https://github.com/sushiswap/miso/blob/2cdb1486a55ded55c81898b7be8811cb68cfda9e/contracts/MISOFarmFactory.sol#L126

https://github.com/sushiswap/miso/blob/2cdb1486a55ded55c81898b7be8811cb68cfda9e/contracts/MISOFermenter.sol#L103

Tools Used

Manual Analysis

Recommended Mitigation Steps

Add the missing zero-address checks.
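One way to triage a code base for the pattern this report describes, as an added example that is not part of the original report or the MISO code: a heuristic scanner that lists `address` parameters whose function body never compares them to `address(0)`. The Solidity sample and all names in it are constructed for illustration.

```python
import re

# Constructed Solidity sample (hypothetical, not MISO code).
SAMPLE = """
contract Example {
    address public wallet;
    address public admin;
    address public token;
    function setWallet(address payable _wallet) external {
        require(_wallet != address(0), "zero address");
        wallet = _wallet;
    }
    function setAdmin(address _admin) external {
        admin = _admin;
    }
    function init(address _token, uint256 _amount, address _owner) public {
        require(_owner != address(0));
        token = _token;
    }
}
"""

FUNC = re.compile(r"function\s+(\w+)\s*\(([^)]*)\)[^{;]*\{")
ADDR_PARAM = re.compile(r"^address(?:\s+payable)?\s+(\w+)$")

def body_of(src, open_idx):
    """Return the text between the brace at open_idx and its matching close."""
    depth = 0
    for i in range(open_idx, len(src)):
        if src[i] == "{":
            depth += 1
        elif src[i] == "}":
            depth -= 1
            if depth == 0:
                return src[open_idx + 1:i]
    return src[open_idx + 1:]

def has_zero_check(body, name):
    """True if the body compares `name` against address(0) with `!=`."""
    n = re.escape(name)
    return bool(re.search(rf"\b{n}\b\s*!=\s*address\(0\)|address\(0\)\s*!=\s*\b{n}\b", body))

def unchecked_address_params(src):
    """List (function, parameter) pairs lacking a check; modifiers are not inspected."""
    findings = []
    for m in FUNC.finditer(src):
        body = body_of(src, m.end() - 1)
        for raw in m.group(2).split(","):
            p = ADDR_PARAM.match(" ".join(raw.split()))
            if p and not has_zero_check(body, p.group(1)):
                findings.append((m.group(1), p.group(1)))
    return findings
```

Each hit is a candidate for manual review, not a confirmed defect, since a check may live in a modifier or a called helper.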

Clearwood commented 3 years ago

This report is a bit too general; requires are not necessarily the best option everywhere.

ghoul-sol commented 3 years ago

Making this non-critical as it is a best-practices recommendation.