code-423n4 / 2023-03-aragon-findings

Missing 0 address check #162

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-03-aragon/blob/main/packages/contracts/src/core/dao/DAO.sol#L185

Vulnerability details

Impact

A 0 address can be used here and the transaction will not revert, losing funds

Proof of Concept

Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.

https://github.com/code-423n4/2023-03-aragon/blob/main/packages/contracts/src/core/dao/DAO.sol#L185

The function alone doesn't perform the checks

Tools Used

slither

Recommended Mitigation Steps

Add a zero address check

c4-judge commented 1 year ago

0xean marked the issue as unsatisfactory: Overinflated severity