Description:
`GaugeUpgradable.setInternalBribe()` can be set to `address(0)`. Although the function has a `require` statement to prevent this, instead of checking whether it is not zero, it permits it:
```solidity
function setInternalBribe(address _int) external onlyOwner {
    require(_int >= address(0), "zero"); // @audit should be _int > address(0)
    internal_bribe = _int;
}
```
Attack Scenario
Calling the above function with `address(0)` or by mistake will lead to lost fees.
This submission refers to the original Chronos & Thena code, as well as to a configuration error on the Owner's side, all of which makes this an OOS issue.
Github username: @arialblack14
Twitter username: 0xl3xx
Submission hash (on-chain): 0x26ba0477d833f21916a518320646b96ad8e81e89fd94c4e056e2a30227953177
Severity: low
Attachments
Proof of Concept (PoC) File
Revised Code File (Optional)
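A small checker for the bug class this report describes, given as an added example (it is not part of the submission or of the project's code): it flags ordered comparisons against `address(0)` whose result is fixed because addresses are unsigned. The second function in the sample, `setExternalBribe`, is constructed for illustration, and the regex scan assumes no `//` or `/*` appears inside string literals.

```python
import re

# Matches address(0) and address(0x0...0), tolerating inner whitespace.
ZERO = r"address\s*\(\s*(?:0x0+|0)\s*\)"

# An address is an unsigned value, so these comparisons never change outcome.
PATTERNS = [
    (re.compile(rf">=\s*{ZERO}"), "always true"),          # x >= address(0)
    (re.compile(rf"{ZERO}\s*<="), "always true"),          # address(0) <= x
    (re.compile(rf"(?<!<)<\s*{ZERO}"), "always false"),    # x < address(0)
    (re.compile(rf"{ZERO}\s*>(?![=>])"), "always false"),  # address(0) > x
]

def strip_comments(src):
    """Blank out // and /* */ comments while keeping line numbers intact."""
    blank = lambda m: re.sub(r"[^\n]", " ", m.group(0))
    return re.sub(r"//[^\n]*|/\*.*?\*/", blank, src, flags=re.S)

def find_dead_zero_checks(src):
    """Return (line number, verdict, code) for each zero-address comparison that guards nothing."""
    findings = []
    for lineno, line in enumerate(strip_comments(src).splitlines(), 1):
        for rx, verdict in PATTERNS:
            if rx.search(line):
                findings.append((lineno, verdict, line.strip()))
    return findings

# Constructed sample: the function from the report plus a hypothetical
# sibling setter that uses a correct check and a commented-out bad one.
SAMPLE = """\
function setInternalBribe(address _int) external onlyOwner {
    require(_int >= address(0), "zero"); // @audit should be _int > address(0)
    internal_bribe = _int;
}
function setExternalBribe(address _ext) external onlyOwner {
    require(_ext != address(0), "zero");
    // require(_ext >= address(0), "zero");
    external_bribe = _ext;
}
"""

if __name__ == "__main__":
    for lineno, verdict, code in find_dead_zero_checks(SAMPLE):
        print(f"line {lineno}: {verdict}: {code}")
```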