Closed sherlock-admin closed 9 months ago
Invalid, this would constitute user input error not valid based on sherlock rules
- User input validation: User input validation to prevent user mistakes is not considered a valid issue.
1 comment(s) were left on this issue during the judging contest.
pratraut commented:
'invalid as delegate of votes is supposed to be happened via escrow contract'
millietez
medium
Absence of validation for input parameters
Summary
Absence of validation for input parameters in OZVotingAdaptor.sol#delegate.
Vulnerability Detail
OZVotingAdaptor.sol#L57
If the input data
params
for thedelegate
function does not have the expected size of 20 bytes, a data decoding error will occur.Impact
Incorrect data decoding and contract refusal to process requests.
Code Snippet
https://github.com/sherlock-audit/2024-01-rio-vesting-escrow/blob/2d14c2b84b69c53a45c81aa4f907af9617f9a94f/rio-vesting-escrow/src/adaptors/OZVotingAdaptor.sol#L57
Tool used
Manual Review
Recommendation
Add a length check for input data to avoid potential errors in the contract's operation.