search

hats-finance / ether-fi-0x36c3b77853dec9c4a237a692623293223d4b9bc4

Smart Contracts for Ether Fi dapp
1 stars 1 forks source link

Missing zero address checks in initializers and constructors #1

Open hats-bug-reporter[bot] opened 11 months ago

hats-bug-reporter[bot] commented 11 months ago

Github username: @0xfuje Submission hash (on-chain): 0x956c6258fbfd26ae5848ff4889785da7248c02f4b8f9fb5ec1167b9b47d50baa Severity: low

Description:

Description

While most contracts initializers and constructors check against zero addresses, not all of them follow this convention. The following contracts have missing zero address checks for address parameters in their constructor:

Recommendation

Add zero address checks - require(exampleAddress != address(0)) in the above mentioned contract's initializers and constructors.

0xfuje commented 11 months ago

Links are not redirecting properly, here are the correct links and code instances:

src/EtherFiAdmin.sol - initialize()

    function initialize(
        address _etherFiOracle,
        address _stakingManager,
        address _auctionManager,
        address _etherFiNodesManager,
        address _liquidityPool,
        address _membershipManager,
        address _withdrawRequestNft,
        int32 _acceptableRebaseAprInBps,
        uint16 _postReportWaitTimeInSlots
    ) external initializer {
        __Ownable_init();
        __UUPSUpgradeable_init();

        etherFiOracle = IEtherFiOracle(_etherFiOracle);
        stakingManager = IStakingManager(_stakingManager);
        auctionManager = IAuctionManager(_auctionManager);
        etherFiNodesManager = IEtherFiNodesManager(_etherFiNodesManager);
        liquidityPool = ILiquidityPool(_liquidityPool);
        membershipManager = IMembershipManager(_membershipManager);
        withdrawRequestNft = IWithdrawRequestNFT(_withdrawRequestNft);
        acceptableRebaseAprInBps = _acceptableRebaseAprInBps;
        postReportWaitTimeInSlots = _postReportWaitTimeInSlots;
    }

src/EarlyAdopterPool.sol - constructor()

    constructor(
        address _rETH,
        address _wstETH,
        address _sfrxETH,
        address _cbETH
    ) {
        rETH = _rETH;
        wstETH = _wstETH;
        sfrxETH = _sfrxETH;
        cbETH = _cbETH;

        rETHInstance = IERC20(_rETH);
        wstETHInstance = IERC20(_wstETH);
        sfrxETHInstance = IERC20(_sfrxETH);
        cbETHInstance = IERC20(_cbETH);
    }

src/NFTExchange.sol - initialize()

    function initialize(address _tNft, address _membershipNft, address _nodesMgr) external initializer {
        __Ownable_init();
        __UUPSUpgradeable_init();

        tNft = IERC721(_tNft);
        membershipNft = IMembershipNFT(_membershipNft);
        nodesMgr = IEtherFiNodesManager(_nodesMgr);
    }

src/helpres/AddressProvider.sol - constructor()

    constructor(address _owner) {
        owner = _owner;
    }