The deploy function is used to deploy contracts. The function does not revert properly if there is a failed contract deployment or revert from the create3 opcode as it does not properly check the returned address.
Vulnerability Detail
see summary
Impact
If the function fails to deploy the contract the code will still assume that the deployment is successful which will cause unexpected issues.
helpMePlease
medium
no check on return value of
create3
The
deploy
function is used to deploy contracts. The function does not revert properly if there is a failed contract deployment or revert from the create3 opcode as it does not properly check the returned address.Vulnerability Detail
see summary
Impact
If the function fails to deploy the contract the code will still assume that the deployment is successful which will cause unexpected issues.
Code Snippet
https://github.com/sherlock-audit/2023-09-Gitcoin/blob/main/allo-v2/contracts/factory/ContractFactory.sol#L105
Tool used
Manual Review
Recommendation
The recommended mitigation was to update iszero(deployedContract) to iszero(extcodesize(deployedContract))