Closed code423n4 closed 1 year ago
https://github.com/code-423n4/2023-03-aragon/blob/main/packages/contracts/src/core/dao/DAO.sol#L185
A 0 address can be used here an transaction will not revert loosing funds
Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.
The Function alone doesn't perform the checks
slither
Add a zero address check
0xean marked the issue as unsatisfactory: Overinflated severity
Lines of code
https://github.com/code-423n4/2023-03-aragon/blob/main/packages/contracts/src/core/dao/DAO.sol#L185
Vulnerability details
Impact
A 0 address can be used here an transaction will not revert loosing funds
Proof of Concept
Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.
https://github.com/code-423n4/2023-03-aragon/blob/main/packages/contracts/src/core/dao/DAO.sol#L185
The Function alone doesn't perform the checks
Tools Used
slither
Recommended Mitigation Steps
Add a zero address check