code-423n4 / 2023-07-nounsdao-findings


Unused returns on the ds._withdraw(), NounsDAOLogicV3._withdraw(), and ds.executeFork() #256

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/nounsDAO/nouns-monorepo/blob/718211e063d511eeda1084710f6a682955e80dcb/packages/nouns-contracts/contracts/governance/NounsDAOLogicV3.sol#L786-#L788
https://github.com/nounsDAO/nouns-monorepo/blob/718211e063d511eeda1084710f6a682955e80dcb/packages/nouns-contracts/contracts/governance/NounsDAOLogicV3.sol#L497-#L499
https://github.com/nounsDAO/nouns-monorepo/blob/718211e063d511eeda1084710f6a682955e80dcb/packages/nouns-contracts/contracts/governance/NounsDAOLogicV3.sol#L408-#L419

Vulnerability details

Impact

The return values of the external calls are not stored in a local variable or a state variable.

Proof of Concept

The return values are not stored in a local or state variable. As a result, the computation has no effect.

Code:

NounsDAOLogicV3.getActions(uint256) (contracts/governance/NounsDAOLogicV3.sol#408-419) ignores return value by ds.getActions(proposalId) (contracts/governance/NounsDAOLogicV3.sol#418)

NounsDAOLogicV3.executeFork() (contracts/governance/NounsDAOLogicV3.sol#497-499) ignores return value by ds.executeFork() (contracts/governance/NounsDAOLogicV3.sol#498)

NounsDAOLogicV3._withdraw() (contracts/governance/NounsDAOLogicV3.sol#786-788) ignores return value by ds._withdraw() (contracts/governance/NounsDAOLogicV3.sol#787)

Tools Used

Manual Review

Recommended Mitigation Steps

Ensure that all the return values of the function calls are used.

Assessed type

Invalid Validation

c4-pre-sort commented 1 year ago

0xSorryNotSorry marked the issue as low quality report

0xSorryNotSorry commented 1 year ago

The submission does not provide any demonstration of the issue, reasoning and code blocks.

c4-judge commented 1 year ago

gzeon-c4 marked the issue as unsatisfactory: Insufficient quality