c4-judge
commented
1 year ago 0xean marked the issue as satisfactory
Open code423n4 opened 1 year ago
c4-judge
commented
1 year ago 0xean marked the issue as satisfactory
Lines of code
Vulnerability details
Issue seems to be resolved. The issue was due to
price()reverting with an empty error when oracle is deprecated and aggregator is set to zero. The mitigation first checks if the aggregator is set to zero and reverts with a custom error.As previously mentioned, there might be other scenarios where the function would revert with an empty error (assert, call to an empty address, etc.), but for this specific scenario the issue seems to be resolved.