search

code-423n4 / 2021-09-wildcredit-findings

0 stars 0 forks source link

Lack of checks for address in `UniswapV3Oracle.constructor` #113

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Handle

GalloDaSballo

Vulnerability details

Impact

The parameter _uniPriceConverter in the constructor for UniswapV3Oracle https://github.com/code-423n4/2021-09-wildcredit/blob/c48235289a25b2134bb16530185483e8c85507f8/contracts/UniswapV3Oracle.sol#L39

Is not validated

Recommended Mitigation Steps

Add require(address(_uniPriceConverter) != 0);

talegift commented 2 years ago

As per the pre the judge's comment on the same issue from the previous audit.

This requires user error so non-critical.

https://github.com/code-423n4/2021-07-wildcredit-findings/issues/108#issuecomment-890587742

talegift commented 2 years ago

Duplicate #54

ghoul-sol commented 2 years ago

Duplicate of #114 reported by the same warden. Making this invalid.