M-01 Dangerous use of uninitialized storage variables
The uninitialized storage variable will contain data stored in memory which can be accessed via writing and executing a function that simply calls the value that was last in memory for Types.Publication. This will allow the attacker to manipulate the Types.Publication output and view values being passed through Types.Publication.
Bug
The vulnerable code on line 277 is depicted as follow
Lines of code
https://github.com/code-423n4/2023-07-lens/blob/5103b29e71ad0e93cbad1f555291698fa4d6676e/contracts/libraries/PublicationLib.sol#L277
Vulnerability details
Impact
M-01 Dangerous use of uninitialized storage variables
The uninitialized storage variable will contain data stored in memory which can be accessed via writing and executing a function that simply calls the value that was last in memory for Types.Publication. This will allow the attacker to manipulate the Types.Publication output and view values being passed through Types.Publication.
Bug
The vulnerable code on line 277 is depicted as follow
Proof of Concept
URL of vulnerable code line
POC
Tools Used
Recommended Mitigation Steps
Initialize variable "_referencePub" or set the storage attribute "memory".
Fix
The solution or patch to the vulnerability is depicted as follow
Assessed type
Access Control