search

sherlock-audit / 2024-08-winnables-raffles-judging

6 stars 2 forks source link

Brave Mahogany Lizard - `BaseCCIPSender::_sendCCIPMessage` expects return value but none returned . #642

Closed sherlock-admin4 closed 3 months ago

sherlock-admin4 commented 3 months ago

Brave Mahogany Lizard

Low/Info

BaseCCIPSender::_sendCCIPMessage expects return value but none returned .

Summary

BaseCCIPSender::_sendCCIPMessage expects return value but none returned .

Vulnerability Detail

Function BaseCCIPSender::_sendCCIPMessage :

    function _sendCCIPMessage(
        address ccipDestAddress,
        uint64 ccipDestChainSelector,
        bytes memory data
    ) internal returns(bytes32 messageId) {
        if (ccipDestAddress == address(0) || ccipDestChainSelector == uint64(0)) {
            revert MissingCCIPParams();
        }

        // Send CCIP message to the desitnation contract
        IRouterClient router = IRouterClient(CCIP_ROUTER);
        LinkTokenInterface linkToken = LinkTokenInterface(LINK_TOKEN);

        Client.EVM2AnyMessage memory message = Client.EVM2AnyMessage({
            receiver: abi.encode(ccipDestAddress),
            data: data,
            tokenAmounts: new Client.EVMTokenAmount[](0),
            extraArgs: "",
            feeToken: LINK_TOKEN
        });

        uint256 fee = router.getFee(
            ccipDestChainSelector,
            message
        );
        uint256 currentLinkBalance = linkToken.balanceOf(address(this));

        if (fee > currentLinkBalance) {
            revert InsufficientLinkBalance(currentLinkBalance, fee);
        }

        messageId = router.ccipSend(
            ccipDestChainSelector,
            message
        );
        //@audit the function is supposed to return `messageId` but there's no return statement present here
        //refer to the official example for integration of chainlink contracts
        //emit event for better understanding in case of failure or success
    }

From the function definition it is supposed to return:

internal returns(bytes32 messageId)

But no return statement is present, it can lead to compilation failure or return default value of 0.

Impact

Function will return wrong/ unexpected value.

Code Snippet

https://github.com/sherlock-audit/2024-08-winnables-raffles/blob/main/public-contracts/contracts/BaseCCIPSender.sol#L15-L50

Tool used

Manual Review

Recommendation

Provide return statement.

++ return messageId ;