Closed code423n4 closed 2 years ago
https://github.com/code-423n4/2022-02-aave-lens/blob/main/contracts/core/LensHub.sol#L850-L854
If an empty address will be set, functions with onlyGov can not be called more.
review
input parameter must be checked if the param newGovernance is an empty address or not.
Per comment on #3 https://github.com/code-423n4/2022-02-aave-lens-findings/issues/3#issuecomment-1035512983 This is expected behavior. Decline.
Lines of code
https://github.com/code-423n4/2022-02-aave-lens/blob/main/contracts/core/LensHub.sol#L850-L854
Vulnerability details
Impact
If an empty address will be set, functions with onlyGov can not be called more.
Proof of Concept
https://github.com/code-423n4/2022-02-aave-lens/blob/main/contracts/core/LensHub.sol#L850-L854
Tools Used
review
Recommended Mitigation Steps
input parameter must be checked if the param newGovernance is an empty address or not.