Closed sherlock-admin closed 1 year ago
descharre
medium
The constructor in HatsSignerGateFactory is missing a 0 check for every address.
All the adresses are immutable so there is no way to update the addresses to a valid address.
Setting an address by accident to the 0 address can lead to redeployment of the contract.
constructor( address _hatsSignerGateSingleton, address _multiHatsSignerGateSingleton, address _hatsAddress, address _safeSingleton, address _gnosisFallbackLibrary, address _gnosisMultisendLibrary, address _gnosisSafeProxyFactory, address _moduleProxyFactory, string memory _version ) { hatsSignerGateSingleton = _hatsSignerGateSingleton; multiHatsSignerGateSingleton = _multiHatsSignerGateSingleton; hatsAddress = _hatsAddress; safeSingleton = _safeSingleton; gnosisFallbackLibrary = _gnosisFallbackLibrary; gnosisMultisendLibrary = _gnosisMultisendLibrary; gnosisSafeProxyFactory = GnosisSafeProxyFactory(_gnosisSafeProxyFactory); moduleProxyFactory = ModuleProxyFactory(_moduleProxyFactory); version = _version; }
Manual Review
Add a 0 check or add setters for the addresses
descharre
medium
Missing 0 address check in constructor
Summary
The constructor in HatsSignerGateFactory is missing a 0 check for every address.
Vulnerability Detail
All the adresses are immutable so there is no way to update the addresses to a valid address.
Impact
Setting an address by accident to the 0 address can lead to redeployment of the contract.
Code Snippet
Tool used
Manual Review
Recommendation
Add a 0 check or add setters for the addresses