code-423n4 / 2023-11-kelp-findings


There is a missing check in the function setToken/function setContract. #472

Closed c4-submissions closed 11 months ago

c4-submissions commented 11 months ago

Lines of code

https://github.com/code-423n4/2023-11-kelp/blob/main/src/LRTConfig.sol#L165

https://github.com/code-423n4/2023-11-kelp/blob/main/src/LRTConfig.sol#L149

Vulnerability details

Proof of Concept

When the admin calls those functions, there is no check for 0 bytes/empty bytes.

Tools Used

manual review

Recommended Mitigation Steps

Check that input bytes32 can’t be 0 bytes or empty bytes.

Assessed type

Invalid Validation

c4-pre-sort commented 11 months ago

raymondfam marked the issue as insufficient quality report

c4-pre-sort commented 11 months ago

raymondfam marked the issue as duplicate of #69

c4-judge commented 11 months ago

fatherGoose1 changed the severity to QA (Quality Assurance)

c4-judge commented 11 months ago

fatherGoose1 marked the issue as grade-b