Closed sherlock-admin closed 6 months ago
kolos3
medium
There is no zero address validation in the function setFeeToSetter()
setFeeToSetter()
Lack of zero address validation
The address feeToSetter could get set to 0 by accident and then not be able to change setFeeTo,setMigrator ,setFlashOn , setFlashFee and feeToSetter.
feeToSetter
setFeeTo
setMigrator
setFlashOn
setFlashFee
https://github.com/sherlock-audit/2024-02-jala-swap/blob/main/jalaswap-dex-contract/contracts/JalaFactory.sol#L65-L69
function setFeeToSetter(address _feeToSetter) external onlyFeeToSetter { address oldFeeToSetter = feeToSetter; feeToSetter = _feeToSetter; emit SetFeeToSetter(oldFeeToSetter, _feeToSetter); }
VsCode, Manual Review
Add this to the function require(_feeToSetter != address(0), "Zero address not allowed");
require(_feeToSetter != address(0), "Zero address not allowed");
Invalid based on sherlock rules
Zero address checks: Check to make sure input values are not zero addresses.
kolos3
medium
No zero address validation
Summary
There is no zero address validation in the function
setFeeToSetter()
Vulnerability Detail
Lack of zero address validation
Impact
The address
feeToSetter
could get set to 0 by accident and then not be able to changesetFeeTo
,setMigrator
,setFlashOn
,setFlashFee
and feeToSetter.https://github.com/sherlock-audit/2024-02-jala-swap/blob/main/jalaswap-dex-contract/contracts/JalaFactory.sol#L65-L69
Code Snippet
Tool used
VsCode, Manual Review
Recommendation
Add this to the function
require(_feeToSetter != address(0), "Zero address not allowed");