search

code-423n4 / 2022-05-opensea-seaport-findings

1 stars 0 forks source link

QA Report #161

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

1. Missing zero address check of initialOwner in createConduit of ConduitController.sol

function createConduit(bytes32 conduitKey, address initialOwner)
        external
        override
        returns (address conduit)
    {
       ......
       //recommendation
       if(initialOwner == address(0){
        revert ZeroAddressError();
        .....
     }

2. Use specific memory offset variables instead of generic offset in inline assembly

In contracts/lib/GettersAndDerivers.sol#L68

While writing assembly, use the specific memory offset variable for specific structs instead of using generic offsets such as OneWords TwoWords. This make the code easy to read/understand and reduces chances of error on change.

  // Current

  // Get the pointer to the offers array.
  let offerArrPtr := mload(add(orderParameters, TwoWords))

  // Recommended Change:

  // Get the pointer to the offers array.
  let offerArrPtr := mload(add(orderParameters, OrderParameters_offer_head_offset))
GalloDaSballo commented 1 year ago

1. Missing zero address check of initialOwner in createConduit of ConduitController.sol

Valid Low per #56

2. Use specific memory offset variables instead of generic offset in inline assembly

Disagree

1L