Summary
The DSCEngine constructor is missing a zero-address check. This could result in unexpected behavior when attempting to use the contract.
Vulnerability Details
The constructor does not check that the decentralised stablecoin address (dscAddress) is non-zero, so the contract can be initialised with address(0) without reverting or otherwise alerting the deployer.
    constructor(
        address[] memory tokenAddresses,
        address[] memory priceFeedAddresses,
        address dscAddress
    ) {
        if (tokenAddresses.length != priceFeedAddresses.length) {
            revert DSCEngine__TokenAddressesAndPriceFeedAddressesMustBeSameLength();
        }
        for (uint256 i = 0; i < tokenAddresses.length; i++) {
            s_priceFeeds[tokenAddresses[i]] = priceFeedAddresses[i];
            s_collateralTokens.push(tokenAddresses[i]);
        }
        // dscAddress is stored without validation, so address(0) is accepted.
        i_dsc = DecentralizedStableCoin(dscAddress);
    }
Impact
The DSCEngine contract can be initialised with the zero address as the decentralised stablecoin address.
TEST
    function test_DSZeroAddress() public {
        tokenAddresses.push(weth);
        feedAddresses.push(btcUsdPriceFeed);
        // Deploy with address(0) as the DSC address; the constructor does not revert.
        dsce = new DSCEngine(tokenAddresses, feedAddresses, address(0x0));
        // Read back the stored DSC address and log it.
        address dsceAddr = dsce.getDsc();
        emit log_named_address("Decentralised Stablecoin address", dsceAddr);
    }
RESULT
    Running 1 test for test/unit/DSCEngineTest.t.sol:DSCEngineTest
    [PASS] test_DSZeroAddress() (gas: 1093878)
    Logs:
      Decentralised Stablecoin address: 0x0000000000000000000000000000000000000000
    Test result: ok. 1 passed; 0 failed; finished in 3.38ms
Tools Used
Manual review, Foundry test
Recommendations
Implement a zero address check using the require function and the != (inequality) operator with address(0).
Example:
    constructor(
        address[] memory tokenAddresses,
        address[] memory priceFeedAddresses,
        address dscAddress
    ) {
        // Reject the zero address before any state is written.
        require(dscAddress != address(0), "Invalid decentralised stablecoin address");
        if (tokenAddresses.length != priceFeedAddresses.length) {
            revert DSCEngine__TokenAddressesAndPriceFeedAddressesMustBeSameLength();
        }
        for (uint256 i = 0; i < tokenAddresses.length; i++) {
            s_priceFeeds[tokenAddresses[i]] = priceFeedAddresses[i];
            s_collateralTokens.push(tokenAddresses[i]);
        }
        i_dsc = DecentralizedStableCoin(dscAddress);
    }
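A regression test for the recommended check, added here as an example and not part of the original submission or the project's test suite. It asserts that deployment with address(0) reverts with the message from the recommendation and that a non-zero address is still stored; the import path, compiler version, contract name and placeholder addresses are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18; // assumed compiler version

import {Test} from "forge-std/Test.sol";
// Assumed path; adjust to where DSCEngine lives in the repository.
import {DSCEngine} from "../../src/DSCEngine.sol";

// Hypothetical test contract name, chosen for this example.
contract DSCEngineZeroAddressTest is Test {
    address[] internal tokenAddresses;
    address[] internal feedAddresses;

    function setUp() public {
        // Constructed placeholder addresses: the constructor shown above
        // only stores them, so no deployed token or price feed is needed.
        tokenAddresses.push(makeAddr("weth"));
        feedAddresses.push(makeAddr("wethUsdPriceFeed"));
    }

    // With the require in place, deployment with address(0) must revert
    // with the exact reason string used in the recommendation.
    function test_RevertsWhen_DscAddressIsZero() public {
        vm.expectRevert(bytes("Invalid decentralised stablecoin address"));
        new DSCEngine(tokenAddresses, feedAddresses, address(0));
    }

    // The check must not block a legitimate deployment: a non-zero
    // address is accepted and returned unchanged by getDsc().
    function test_DeploysWith_NonZeroDscAddress() public {
        address dsc = makeAddr("dsc"); // constructed placeholder address
        DSCEngine dsce = new DSCEngine(tokenAddresses, feedAddresses, dsc);
        assertEq(dsce.getDsc(), dsc);
    }
}
```

Against the unpatched constructor the first test fails, because the deployment succeeds and the expected revert never occurs.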