Closed code423n4 closed 2 years ago
https://github.com/code-423n4/2022-08-nounsdao/blob/main/contracts/governance/NounsDAOLogicV2.sol#L839-L845
the vetoer can burn the Veto Power by mistake without invoking the _burnVetoPower()
vetoer
Veto Power
_burnVetoPower()
the vetoer could make a mistake by passing address(0x0) when he tries to set a new vetoer address by invoking _setVetoer()
address(0x0)
_setVetoer()
Add check for address(0x0)
Duplicate of #315
davidbrai
commented
2 years ago davidbrai
commented
2 years ago
Lines of code
https://github.com/code-423n4/2022-08-nounsdao/blob/main/contracts/governance/NounsDAOLogicV2.sol#L839-L845
Vulnerability details
Impact
the
vetoercan burn theVeto Powerby mistake without invoking the_burnVetoPower()Proof of Concept
the
vetoercould make a mistake by passingaddress(0x0)when he tries to set a newvetoeraddress by invoking_setVetoer()Recommended Mitigation Steps
Add check for
address(0x0)