Missing parameter validation #178
Labels
1 (Low Risk)
Assets are not at risk. State handling, function incorrect as to spec, issues with comments
bug
Something isn't working
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
Handle
cmichel
Vulnerability details
Some parameters of functions are not checked for non-zero values:
NestedFactory.constructor
: address parameters could be zero or not a contractNestedReserve.constructor
: address parameters could be zero or not a contractNestedBuybacker.constructor
: address parameters could be zero or not a contractImpact
Wrong user input or wallets defaulting to the zero addresses for a missing input can lead to the contract needing to redeploy or wasted gas.
Recommended Mitigation Steps
Validate the parameters.
The text was updated successfully, but these errors were encountered: