Incomplete input validation for _parseIntoOracle function in OracleParams.sol
Summary
The _parseIntoOracle function in the OracleParams.sol contract does not perform sufficient input validation on the provided OracleParams structure, which may result in unintended behavior or security vulnerabilities.
Vulnerability Detail
The _parseIntoOracle function takes an OracleParams structure as an input and either returns the existing oracle or creates a new one using the provided CreateOracleParams. However, there is no input validation to ensure that the provided OracleParams structure is valid or that the CreateOracleParams structure contains a valid IOracleFactory address and data.
Impact
This vulnerability could lead to unintended behavior or security vulnerabilities if an invalid or malicious OracleParams structure is provided.
Add input validation checks to ensure that the provided OracleParams structure is valid, and that the CreateOracleParams structure contains a valid IOracleFactory address and data. This will help prevent unintended behavior or security vulnerabilities.
moneyversed
high
Incomplete input validation for _parseIntoOracle function in OracleParams.sol
Summary
The _parseIntoOracle function in the OracleParams.sol contract does not perform sufficient input validation on the provided OracleParams structure, which may result in unintended behavior or security vulnerabilities.
Vulnerability Detail
The _parseIntoOracle function takes an OracleParams structure as an input and either returns the existing oracle or creates a new one using the provided CreateOracleParams. However, there is no input validation to ensure that the provided OracleParams structure is valid or that the CreateOracleParams structure contains a valid IOracleFactory address and data.
Impact
This vulnerability could lead to unintended behavior or security vulnerabilities if an invalid or malicious OracleParams structure is provided.
Code Snippet
https://github.com/sherlock-audit/2023-04-splits/blob/main/splits-oracle/src/peripherals/OracleParams.sol#L23
Tool used
Manual Review
Recommendation
Add input validation checks to ensure that the provided OracleParams structure is valid, and that the CreateOracleParams structure contains a valid IOracleFactory address and data. This will help prevent unintended behavior or security vulnerabilities.