Closed code423n4 closed 2 years ago
Funen
https://github.com/code-423n4/2022-01-yield/blob/main/contracts/ConvexStakingWrapper.sol#L60 ,
Deploy the contract will got zero address, so the constructor need to be check by using != address(0) so ConvexStakingWrapper.sol addresses can't be zero address.
!= address(0)
ConvexStakingWrapper.sol
constructor( address _curveToken, address _convexToken, address _convexPool, uint256 _poolId, address _vault, string memory name, string memory symbol, uint8 decimals
need to be check
e.g
__curveToken != address(0) && _convexToken != address(0) && _convexPool != address(0) && _vault != address(0)
From readme:
Duplicate of #34
Because the sponsor explicitly made the address(0) checks invalid in the readme for the competition, am going to mark this invalid
Handle
Funen
Vulnerability details
https://github.com/code-423n4/2022-01-yield/blob/main/contracts/ConvexStakingWrapper.sol#L60 ,
Deploy the contract will got zero address, so the constructor need to be check by using
!= address(0)
soConvexStakingWrapper.sol
addresses can't be zero address.need to be check
e.g