search

code-423n4 / 2022-07-swivel-findings

0 stars 1 forks source link

Missing checks for address (0x0) when assigning values to address state variables #113

Open code423n4 opened 2 years ago

code423n4 commented 2 years ago

Lines of code

https://github.com/code-423n4/2022-07-swivel/blob/daf72892d8a8d6eaa43b9e7d1924ccb0e612ee3c/Creator/Creator.sol#L48

Vulnerability details

Impact

The new admin address should be checked to be non-zero.

Tools Used

manually

Recommended Mitigation Steps

require(address(_registry) != address(0));

JTraversa commented 2 years ago

https://github.com/code-423n4/2022-07-swivel#input-sanitization

bghughes commented 2 years ago

Very similar to #80 and I believe should be QA for the same reasons described there.

bghughes commented 2 years ago

Making this the warden's main QA report as they only submitted Gas Optimizations