Title: Missing Validation in addSafe Function for Enabled Guard and Module
Description:
The addSafe function currently does not validate whether the msg.sender has enabled the guard and the PalmeraModule. This oversight allows safes to be added to an organization without any guard, leading to potential security issues and possible Denial of Service (DoS) in the disconnectSafe and removeWholeTree functions.
Impact:
Unauthorized safes can be added to an organization without the necessary guard.
DoS vulnerabilities in disconnectSafe and removeWholeTree due to lack of validation.
Proof of Concept (PoC):
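To demonstrate the issue, make the following changes in SafeHelper.t.sol:
This will prevent setting the guard and enabling the module before adding to the safe.
Add the following test to SkipStressTestStorage:
Logs:
Suite result: ok. 1 passed; 0 failed; 0 skipped; finished in 43.99ms (11.09ms CPU time)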
As the logs show, a safe without an enabled guard and module was added successfully.
Mitigation:
To mitigate this issue, add a validation check in the addSafe function to ensure that the msg.sender has enabled the guard and the module before proceeding:
NOTE: This issue exists in other functions as well.
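One way to express the check described in the mitigation, as an added example (not the submitter's patch and not Palmera's code). It assumes msg.sender is a Safe exposing isModuleEnabled and getStorageAt; the contract name, errors, constructor addresses and the simplified addSafe signature are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.15;

// Subset of the Safe interface used by the check
// (ModuleManager.isModuleEnabled and StorageAccessible.getStorageAt).
interface ISafeView {
    function isModuleEnabled(address module) external view returns (bool);
    function getStorageAt(uint256 offset, uint256 length) external view returns (bytes memory);
}

// Hypothetical registry illustrating the validation; not the project's contract.
contract SafeRegistryExample {
    // Slot in which Safe's GuardManager stores the guard address.
    bytes32 internal constant GUARD_STORAGE_SLOT = keccak256("guard_manager.guard.address");

    error ModuleNotEnabled(address safe);
    error GuardNotEnabled(address safe);

    address public immutable expectedModule; // assumed: the PalmeraModule address
    address public immutable expectedGuard;  // assumed: the guard the organization requires
    mapping(address => bool) public registered;

    constructor(address module_, address guard_) {
        expectedModule = module_;
        expectedGuard = guard_;
    }

    // Reads one storage word from the Safe and decodes it as the guard address.
    function guardOf(address safe) public view returns (address) {
        bytes memory word = ISafeView(safe).getStorageAt(uint256(GUARD_STORAGE_SLOT), 1);
        return abi.decode(word, (address));
    }

    // Reverts unless the Safe has enabled the expected module and set the expected guard.
    modifier onlyConfiguredSafe(address safe) {
        if (!ISafeView(safe).isModuleEnabled(expectedModule)) revert ModuleNotEnabled(safe);
        if (guardOf(safe) != expectedGuard) revert GuardNotEnabled(safe);
        _;
    }

    // Simplified stand-in for addSafe: the caller is validated before any state changes.
    function addSafe() external onlyConfiguredSafe(msg.sender) {
        registered[msg.sender] = true;
    }
}
```

The same modifier can be applied to the other entry points the NOTE refers to, so the check lives in one place.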
Github username: @0xmahdirostami
Twitter username: 0xmahdirostami
Submission hash (on-chain): 0x8a527a1f843f29b2f7a4238c2a3b6e9293d5b4b1578f27446bdde2cca03e742b
Severity: medium