search

hats-finance / Tapioca-0xe0b920d38a0900af3bab7ff0ca0af554129f54ad

1 stars 2 forks source link

Incorrect address check in `setTapToken` in `AirdropBrokerSol` #12

Open hats-bug-reporter[bot] opened 1 month ago

hats-bug-reporter[bot] commented 1 month ago

Github username: @Jelev123 Twitter username: zhulien_zhelev Submission hash (on-chain): 0xe6a138a77d811e5d65a4bc583c3b7c52d4c8ad6a569f7a35ea052708b6842106 Severity: medium

Description: Description\ in setTapToken the check for zero address is wrong

  1. Proof of Concept (PoC) File 
    function setTapToken(address payable _tapToken) external onlyOwner {
    if (address(tapToken) != address(0)) revert NotValid();
    tapToken = TapToken(_tapToken);
}

    It must be:

 function setTapToken(address payable _tapToken) external onlyOwner {
        if (address(tapToken) == address(0)) revert NotValid();
        tapToken = TapToken(_tapToken);
    }
0xRektora commented 4 weeks ago

The check is correct. We are looking to setTapToken only if it wasn't set before.