Issue seems to be resolved.
The issue was due to price() reverting with an empty error when oracle is deprecated and aggregator is set to zero. The mitigation first checks if the aggregator is set to zero and reverts with a custom error.
As previously mentioned, there might be other scenarios where the function would revert with an empty error (assert, call to an empty address, etc.), but for this specific scenario the issue seems to be resolved.
Lines of code
Vulnerability details
Issue seems to be resolved. The issue was due to
price()
reverting with an empty error when oracle is deprecated and aggregator is set to zero. The mitigation first checks if the aggregator is set to zero and reverts with a custom error.As previously mentioned, there might be other scenarios where the function would revert with an empty error (assert, call to an empty address, etc.), but for this specific scenario the issue seems to be resolved.