The GetPoolByLptDenom function takes lptDenom as an input parameter and uses it right away as an argument to retrieve a pool from the KVStore. However, if it is empty or invalid, the function will attempt to do it regardless, which may lead to unexpected behavior (the check could be in the Get function, I didn't go any further because you shall not naively trust third parties APIs, just focus on what your code does).
Lines of code
https://github.com/code-423n4/2023-06-canto/blob/a4ff2fd2e67e77e36528fad99f9d88149a5e8532/Canto/x/coinswap/keeper/pool.go#L59
Vulnerability details
Impact
Lack of propper parameter validation
Proof of Concept
The
GetPoolByLptDenom
function takeslptDenom
as an input parameter and uses it right away as an argument to retrieve a pool from the KVStore. However, if it is empty or invalid, the function will attempt to do it regardless, which may lead to unexpected behavior (the check could be in theGet
function, I didn't go any further because you shall not naively trust third parties APIs, just focus on what your code does).Tools Used
Manual analysis
Recommended Mitigation Steps
Check for null or invalid
lptDenom
Assessed type
Invalid Validation