search

code-423n4 / 2021-09-wildcredit-findings

0 stars 0 forks source link

missing zero-address check #8

Closed code423n4 closed 3 years ago

code423n4 commented 3 years ago

Handle

jah

Vulnerability details

Impact

The parameter that are used in initialize() function to initialize the state variable,these state variable are used in other function to perform operation. since some of them lacks zero address validation, it will be problematic if there is error in these state variable. some of the function will loss their functionality which can cause the redeployment of contract

Proof of Concept

https://github.com/code-423n4/2021-09-wildcredit/blob/edfc97a8b75bb290a7f7f61cda62d586ed42c73e/contracts/LendingPair.sol#L85-L87

Tools Used

manual analysis

Recommended Mitigation Steps

add require condition which check zero address validation

talegift commented 3 years ago

Duplicate #110

ghoul-sol commented 3 years ago

per #110 invalid