Closed code423n4 closed 3 years ago
GalloDaSballo
Constructor doesn't have any checks on input parameters https://github.com/code-423n4/2021-09-wildcredit/blob/c48235289a25b2134bb16530185483e8c85507f8/contracts/InterestRateModel.sol#L36
This is in contradiction with the setters, https://github.com/code-423n4/2021-09-wildcredit/blob/c48235289a25b2134bb16530185483e8c85507f8/contracts/InterestRateModel.sol#L43
which are all checking for the relation between the values
Add the checks in the constructor as well
require(_value < lowRate, "InterestRateModel: _value < lowRate"); require(_value < highRate, "InterestRateModel: _value < lowRate");
require(_value < lowRate, "InterestRateModel: _value < lowRate");
require(_value < highRate, "InterestRateModel: _value < lowRate");
Duplicate #63
talegift
commented
3 years ago talegift
commented
3 years ago
Handle
GalloDaSballo
Vulnerability details
Impact
Constructor doesn't have any checks on input parameters https://github.com/code-423n4/2021-09-wildcredit/blob/c48235289a25b2134bb16530185483e8c85507f8/contracts/InterestRateModel.sol#L36
This is in contradiction with the setters, https://github.com/code-423n4/2021-09-wildcredit/blob/c48235289a25b2134bb16530185483e8c85507f8/contracts/InterestRateModel.sol#L43
which are all checking for the relation between the values
Recommended Mitigation Steps
Add the checks in the constructor as well
require(_value < lowRate, "InterestRateModel: _value < lowRate");require(_value < highRate, "InterestRateModel: _value < lowRate");