Submission Details
Severity: medium
Invalid

TokenFactory does not check if `deployToken()` failed on `create`

Summary

The assembly `create` command used here can fail and return 0. However, the code assumes the deployment is always successful and moves forward.

Vulnerability Details

The `create` command can fail for the following reasons, and returns 0 in such a case:

Deployment can fail due to:

  • Insufficient value to send.

  • Sub context reverted.

  • Insufficient gas to execute the initialisation code.

  • Call depth limit reached.

Stack output

  1. address: the address of the deployed contract, 0 if the deployment failed.

However, while deploying a new token, this is not checked here.
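
A Foundry test that reproduces the behaviour described above, as an added example that is not code from the audited project or from this submission. `CreateDemo`, `DeploymentFailed`, `deployUnchecked`, `deployChecked` and the constructed init code are hypothetical names and values chosen for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";

// Hypothetical stand-in for the factory pattern in this finding (not the audited contract).
contract CreateDemo {
    error DeploymentFailed();

    mapping(string => address) public s_tokenToAddress;

    // Unchecked pattern: whatever create returns is recorded, including 0.
    function deployUnchecked(string memory symbol, bytes memory code) external returns (address addr) {
        assembly {
            addr := create(0, add(code, 0x20), mload(code))
        }
        s_tokenToAddress[symbol] = addr;
    }

    // Checked pattern: a zero result aborts the whole transaction.
    function deployChecked(string memory symbol, bytes memory code) external returns (address addr) {
        assembly {
            addr := create(0, add(code, 0x20), mload(code))
        }
        if (addr == address(0)) revert DeploymentFailed();
        s_tokenToAddress[symbol] = addr;
    }
}

contract CreateDemoTest is Test {
    // Constructed init code: PUSH1 0, PUSH1 0, REVERT. The sub context always reverts.
    bytes constant REVERTING_INIT = hex"60006000fd";
    CreateDemo demo;

    function setUp() public {
        demo = new CreateDemo();
    }

    function test_uncheckedRecordsZeroAddress() public {
        // The call itself succeeds even though nothing was deployed.
        address addr = demo.deployUnchecked("TKN", REVERTING_INIT);
        assertEq(addr, address(0));
        assertEq(demo.s_tokenToAddress("TKN"), address(0));
    }

    function test_checkedReverts() public {
        vm.expectRevert(CreateDemo.DeploymentFailed.selector);
        demo.deployChecked("TKN", REVERTING_INIT);
    }
}
```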

Impact

Even though the token has not been successfully deployed, further transactions are allowed, which would revert or cause incorrect token calculations.

Tools Used

Manual inspection.

Recommendations

function deployToken(string memory symbol, bytes memory contractBytecode) public onlyOwner returns (address addr) {
assembly {
addr := create(0, add(contractBytecode, 0x20), mload(contractBytecode))
}
+ require(addr != 0, "token deployment failed");
s_tokenToAddress[symbol] = addr;
emit TokenDeployed(symbol, addr);
}
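
Review bot: The added `require(addr != 0, ...)` compares `addr`, which the signature declares as `address`, against the integer literal `0`; Solidity 0.5.0 and later reject that comparison, so write `require(addr != address(0), "token deployment failed");`. The check is correctly placed before `s_tokenToAddress[symbol] = addr;` and the `emit`, so a failed `create` leaves no mapping entry or event behind.
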
Updates

Lead Judging Commences

0xnevi Lead Judge
about 2 years ago
Submission Judgement Published
Invalidated
Reason: Known issue
