search

sherlock-audit / 2023-10-real-wagmi-judging

16 stars 14 forks source link

phenom - Use descriptive constant instead of 0 as a parameter #155

Closed sherlock-admin closed 11 months ago

sherlock-admin commented 11 months ago

phenom

medium

Use descriptive constant instead of 0 as a parameter

name: Use descriptive constant instead of 0 as a parameter about: title: "Use descriptive constant instead of 0 as a parameter" labels: "Low Issues " assignees: ""

Summary

This issue, highlights a security concern related to the use of the value 0 or 0x0 as a function argument. Such usage can potentially lead to security vulnerabilities. The recommended approach is to replace these instances with descriptive constant variables to clarify their purpose and mitigate security risks.

Vulnerability Detail

.

Impact

Passing 0 or 0x0 as a function argument can sometimes result in a security issue.

Code Snippet

File: LiqBorrowingMan/LiquidityBorrowingManager.sol

881:                     saleTokenBalance,

File: LiqBorrowingMan/abstract/ApproveSwapAndPay.sol

95:                     require(_tryApprove(token, spender, 0));

File: LiqBorrowingMan/libraries/ExternalCall.sol

27:             if gt(swapAmountInDataValue, 0) {

32:                 target,

35:                 data.length,

40:             if and(not(success), and(gt(returndatasize(), 0), lt(returndatasize(), 256))) {

41:                 returndatacopy(ptr, 0, returndatasize())

Tool used

Manual Review

Recommendation

Consider using a constant variable with a descriptive name, so it's clear that the argument is intentionally being used, and for the right reasons.