DittoETH

Ditto
DeFiFoundryOracle
55,000 USDC
View results
Submission Details
Severity: medium
Invalid

Missing zero check isPermanentlyFrozen

Summary

Vulnerability Details

The lack of a zero address validation in this context could potentially lead to unexpected results. For example, if a zero address is used as an input in a function that uses this modifier, the function might consider it as a valid asset, given its frozen status is F.Permanent. Although this situation is unlikely, it is theoretically possible.

Impact

Tools Used

Manual

Recommendations

Here is a recommended fix:

'''
modifier isPermanentlyFrozen(address asset) {
require(asset != address(0), "Asset address cannot be 0");
if (s.asset[asset].frozen != F.Permanent) {
revert Errors.AssetIsNotPermanentlyFrozen();
}
_;
}

This code adds a `require` statement at the beginning of the modifier to ensure that the asset address is not zero. If it is, the function will revert with an error message.
Updates

Lead Judging Commences

0xnevi Lead Judge
over 1 year ago
0xnevi Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Other

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.