DeFiHardhatOracleProxyUpdates
100,000 USDC
View results
Submission Details
Severity: low
Invalid

Uninitialized State Variable Vulnerability in SeasonGettersFacet.sol

Summary

The SeasonGettersFacet contract in the provided codebase exposes a high-risk vulnerability due to the uninitialized state variable s. This variable is never initialized within the contract, yet it is utilized extensively across various functions, potentially leading to unexpected behavior or vulnerabilities in the system.

Vulnerability Details

The s state variable in the SeasonGettersFacet contract is utilized in numerous functions without being initialized anywhere within the contract. This lack of initialization poses a significant risk as it may lead to inconsistencies or errors when accessing data stored in this variable.

AppStorage internal s;

Slither output with location in the SeasonGettersFacet.sol where the variable 's' is used:

- SeasonGettersFacet.season() (contracts/beanstalk/sun/SeasonFacet/SeasonGettersFacet.sol#35-37)
- SeasonGettersFacet.paused() (contracts/beanstalk/sun/SeasonFacet/SeasonGettersFacet.sol#42-44)
- SeasonGettersFacet.time() (contracts/beanstalk/sun/SeasonFacet/SeasonGettersFacet.sol#49-51)
- SeasonGettersFacet.abovePeg() (contracts/beanstalk/sun/SeasonFacet/SeasonGettersFacet.sol#56-58)
- SeasonGettersFacet.sunriseBlock() (contracts/beanstalk/sun/SeasonFacet/SeasonGettersFacet.sol#63-65)
- SeasonGettersFacet.weather() (contracts/beanstalk/sun/SeasonFacet/SeasonGettersFacet.sol#70-72)
- SeasonGettersFacet.rain() (contracts/beanstalk/sun/SeasonFacet/SeasonGettersFacet.sol#77-79)
- SeasonGettersFacet.plentyPerRoot(uint32) (contracts/beanstalk/sun/SeasonFacet/SeasonGettersFacet.sol#84-86)
- SeasonGettersFacet.wellOracleSnapshot(address) (contracts/beanstalk/sun/SeasonFacet/SeasonGettersFacet.sol#112-114)
- SeasonGettersFacet.getSeedGauge() (contracts/beanstalk/sun/SeasonFacet/SeasonGettersFacet.sol#137-139)
- SeasonGettersFacet.getAverageGrownStalkPerBdvPerSeason() (contracts/beanstalk/sun/SeasonFacet/SeasonGettersFacet.sol#146-148)
- SeasonGettersFacet.getBeanToMaxLpGpPerBdvRatio() (contracts/beanstalk/sun/SeasonFacet/SeasonGettersFacet.sol#154-156)
- SeasonGettersFacet.getBeanToMaxLpGpPerBdvRatioScaled() (contracts/beanstalk/sun/SeasonFacet/SeasonGettersFacet.sol#162-164)
- SeasonGettersFacet.getGaugePointsPerBdvForWell(address) (contracts/beanstalk/sun/SeasonFacet/SeasonGettersFacet.sol#182-190)
- SeasonGettersFacet.getGrownStalkIssuedPerSeason() (contracts/beanstalk/sun/SeasonFacet/SeasonGettersFacet.sol#210-219)
- SeasonGettersFacet.getGrownStalkIssuedPerGp() (contracts/beanstalk/sun/SeasonFacet/SeasonGettersFacet.sol#224-238)
- SeasonGettersFacet.getPodRate() (contracts/beanstalk/sun/SeasonFacet/SeasonGettersFacet.sol#243-246)
- SeasonGettersFacet.getDeltaPodDemand() (contracts/beanstalk/sun/SeasonFacet/SeasonGettersFacet.sol#260-264)
- SeasonGettersFacet.getWeightedTwaLiquidityForWell(address) (contracts/beanstalk/sun/SeasonFacet/SeasonGettersFacet.sol#281-285)
- SeasonGettersFacet.getGaugePoints(address) (contracts/beanstalk/sun/SeasonFacet/SeasonGettersFacet.sol#312-314)
- SeasonGettersFacet.getSopWell() (contracts/beanstalk/sun/SeasonFacet/SeasonGettersFacet.sol#322-324)

Impact

The impact of this vulnerability is severe as it can result in undefined behavior or errors when accessing data stored in the uninitialized s state variable. Depending on the specific context and usage of s within the contract functions, this vulnerability may lead to unexpected outcomes, potential security breaches, or system malfunctions.

Tools Used

Manual review and slither.

Recommendations

To mitigate this vulnerability, it is crucial to initialize all state variables properly before accessing or utilizing them within the contract functions. Consider reviewing the contract's initialization logic and ensuring that all state variables are initialized to appropriate values or references before being accessed or utilized within the contract functions.

Updates

Lead Judging Commences

giovannidisiena Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
Assigned finding tags:

Uninitialized state

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.