20,000 USDC
Submission Details
Severity: low
Valid

Unvalidated Address Input in `setFeeReceiver(address _feeReceiver)` Function

Summary

The setFeeReceiver(address _feeReceiver) function in the Lender.sol smart contract lacks validation checks for the address input, which could lead to potential issues if the owner sets the receiver to an unsuitable address.

Vulnerability Details

The setFeeReceiver(address _feeReceiver) function is used to set the address that receives fees. The function uses the onlyOwner modifier, which means it can only be called by the owner of the contract. Although the onlyOwner modifier provides a layer of protection, the function itself does not validate the input address. This means that the owner can set the fee receiver to any arbitrary address, including addresses of contracts that may not be capable of receiving funds correctly. This could include contracts that always throw exceptions, revert transactions, or are deliberately designed to misbehave when receiving funds ("honeypot" contracts).

Code Snippet

Here's the signature of the function in question:

function setFeeReceiver(address _feeReceiver) onlyOwner

Impact

In a worst-case scenario, if the fee receiver is set to a contract that throws an exception when receiving funds, all transactions involving fee transfers could fail. This could disrupt the normal operation of the entire lending platform. However, since this function can only be called by the owner, the real-world impact of this issue is likely to be low unless the owner acts maliciously or carelessly.

Tools Used

Manual Code Review

Recommendations

To mitigate this issue, it's recommended to implement checks in the setFeeReceiver(address _feeReceiver) function to validate the input address. These checks could include:

  • Checking that the _feeReceiver address is not a contract address. This can be done with the extcodesize opcode, which Solidity exposes through inline assembly.

  • Implementing a mechanism to allow the _feeReceiver address to be changed only a limited number of times.

In addition to these code-level checks, it's recommended to ensure that the ownership of the contract is securely managed, to prevent a malicious actor from gaining control and misusing this function.
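The two code-level checks recommended above, combined in one setter. This is an added example, not code from Lender.sol or from the submission; the contract name, the limit of 3 changes, the errors and the event are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Added illustration, not the Lender.sol source. Every name except
// setFeeReceiver, _feeReceiver and onlyOwner is hypothetical.
contract FeeReceiverGuard {
    address public owner;
    address public feeReceiver;

    // Assumed cap on how many times the receiver may be changed.
    uint256 public constant MAX_RECEIVER_CHANGES = 3;
    uint256 public receiverChanges;

    error NotOwner();
    error ReceiverIsContract(address candidate);
    error ChangeLimitReached();

    event FeeReceiverChanged(address indexed previous, address indexed current);

    modifier onlyOwner() {
        if (msg.sender != owner) revert NotOwner();
        _;
    }

    constructor(address initialReceiver) {
        owner = msg.sender;
        feeReceiver = initialReceiver;
    }

    function setFeeReceiver(address _feeReceiver) external onlyOwner {
        // Limit how many times the receiver can be changed.
        if (receiverChanges >= MAX_RECEIVER_CHANGES) revert ChangeLimitReached();

        // Reject an address that currently holds code. extcodesize reads 0
        // for an address with no deployed code yet, including a contract
        // that is still running its constructor, so this is a best-effort
        // filter rather than a guarantee.
        uint256 size;
        assembly {
            size := extcodesize(_feeReceiver)
        }
        if (size != 0) revert ReceiverIsContract(_feeReceiver);

        receiverChanges += 1;
        emit FeeReceiverChanged(feeReceiver, _feeReceiver);
        feeReceiver = _feeReceiver;
    }
}
```

The event gives off-chain monitoring a record of every receiver change, which supports the ownership-management recommendation.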
