Submission Details
Severity:
Unused return
Summary
The return value of an external call is not stored in a local or state variable.
Vulnerability Details
File: contracts/libraries/Oracle/LibChainlinkOracle.sol
/// @audit ******************* Issue Detail *******************
LibChainlinkOracle.getEthUsdTwap(uint256) (contracts/libraries/Oracle/LibChainlinkOracle.sol#70-136) ignores return value by:
- (_answer,_timestamp) = priceAggregator.getRoundData(roundId) (contracts/libraries/Oracle/LibChainlinkOracle.sol#109-125)
/// @audit ************** Possible Issue Line(s) **************
L#109-125,
/// @audit ****************** Affected Code *******************
109: try priceAggregator.getRoundData(roundId) returns (
110: uint80 /* roundId */,
111: int256 _answer,
112: uint256 /* startedAt */,
113: uint256 _timestamp,
114: uint80 /* answeredInRound */
115: ) {
116: if (checkForInvalidTimestampOrAnswer(_timestamp, _answer, timestamp)) {
117: return 0;
118: }
119: lastTimestamp = timestamp;
120: timestamp = _timestamp;
121: answer = _answer;
122: } catch {
123: // If call to Chainlink aggregator reverts, return a price of 0 indicating failure
124: return 0;
125: }
GitHub : 70-136
File: contracts/beanstalk/silo/SiloFacet/SiloGettersFacet.sol
/// @audit ******************* Issue Detail *******************
SiloGettersFacet.getGerminatingTotalDepositedBdv(address) (contracts/beanstalk/silo/SiloFacet/SiloGettersFacet.sol#92-94) ignores return value by:
- (_bdv,None) = LibGerminate.getTotalGerminatingForToken(token) (contracts/beanstalk/silo/SiloFacet/SiloGettersFacet.sol#93)
/// @audit ************** Possible Issue Line(s) **************
L#93,
/// @audit ****************** Affected Code *******************
92: function getGerminatingTotalDepositedBdv(address token) external view returns (uint256 _bdv) {
93: (_bdv, ) = LibGerminate.getTotalGerminatingForToken(token);
94: }
GitHub : 92-94
File: contracts/beanstalk/silo/ConvertFacet.sol
/// @audit ******************* Issue Detail *******************
ConvertFacet._withdrawTokens(address,int96[],uint256[],uint256) (contracts/beanstalk/silo/ConvertFacet.sol#112-199) ignores return value by:
- LibSilo.burnActiveStalk(msg.sender,a.active.stalk.add(a.active.bdv.mul(s.ss[token].stalkIssuedPerBdv))) (contracts/beanstalk/silo/ConvertFacet.sol#194-197)
/// @audit ************** Possible Issue Line(s) **************
L#194-197,
/// @audit ****************** Affected Code *******************
194: LibSilo.burnActiveStalk(
195: msg.sender,
196: a.active.stalk.add(a.active.bdv.mul(s.ss[token].stalkIssuedPerBdv))
197: );
GitHub : 112-199
File: contracts/libraries/Silo/LibLegacyTokenSilo.sol
/// @audit ******************* Issue Detail *******************
LibLegacyTokenSilo._migrateNoDeposits(address) (contracts/libraries/Silo/LibLegacyTokenSilo.sol#229-236) ignores return value by:
- (needsMigration) = LibSilo.migrationNeeded(account) (contracts/libraries/Silo/LibLegacyTokenSilo.sol#232)
/// @audit ************** Possible Issue Line(s) **************
L#232,
/// @audit ****************** Affected Code *******************
229: function _migrateNoDeposits(address account) internal {
230: AppStorage storage s = LibAppStorage.diamondStorage();
231: require(s.a[account].s.seeds == 0, "only for zero seeds");
232: (bool needsMigration, ) = LibSilo.migrationNeeded(account);
233: require(needsMigration, "no migration needed");
234:
235: s.a[account].lastUpdate = s.season.stemStartSeason;
236: }
GitHub : 229-236
GitHub : 229-236
File: contracts/beanstalk/silo/SiloFacet/SiloGettersFacet.sol
/// @audit ******************* Issue Detail *******************
SiloGettersFacet.migrationNeeded(address) (contracts/beanstalk/silo/SiloFacet/SiloGettersFacet.sol#575-577) ignores return value by:
- (hasMigrated,None) = LibSilo.migrationNeeded(account) (contracts/beanstalk/silo/SiloFacet/SiloGettersFacet.sol#576)
/// @audit ************** Possible Issue Line(s) **************
L#576,
/// @audit ****************** Affected Code *******************
575: function migrationNeeded(address account) external view returns (bool hasMigrated) {
576: (hasMigrated, ) = LibSilo.migrationNeeded(account);
577: }
GitHub : 575-577
File: contracts/beanstalk/silo/SiloFacet/SiloGettersFacet.sol
/// @audit ******************* Issue Detail *******************
SiloGettersFacet.getGerminatingTotalDeposited(address) (contracts/beanstalk/silo/SiloFacet/SiloGettersFacet.sol#85-87) ignores return value by:
- (None,amount) = LibGerminate.getTotalGerminatingForToken(token) (contracts/beanstalk/silo/SiloFacet/SiloGettersFacet.sol#86)
/// @audit ************** Possible Issue Line(s) **************
L#86,
/// @audit ****************** Affected Code *******************
85: function getGerminatingTotalDeposited(address token) external view returns (uint256 amount) {
86: ( , amount) = LibGerminate.getTotalGerminatingForToken(token);
87: }
GitHub : 85-87
File: contracts/libraries/Well/LibWell.sol
/// @audit ******************* Issue Detail *******************
LibWell.getTwaReservesFromBeanstalkPump(address) (contracts/libraries/Well/LibWell.sol#248-262) ignores return value by:
- (twaReserves) = ICumulativePump(C.BEANSTALK_PUMP).readTwaReserves(well,s.wellOracleSnapshots[well],uint40(s.season.timestamp),C.BYTES_ZERO) (contracts/libraries/Well/LibWell.sol#252-261)
/// @audit ************** Possible Issue Line(s) **************
L#252-261,
/// @audit ****************** Affected Code *******************
248: function getTwaReservesFromBeanstalkPump(
249: address well
250: ) internal view returns (uint256[] memory) {
251: AppStorage storage s = LibAppStorage.diamondStorage();
252: try ICumulativePump(C.BEANSTALK_PUMP).readTwaReserves(
253: well,
254: s.wellOracleSnapshots[well],
255: uint40(s.season.timestamp),
256: C.BYTES_ZERO
257: ) returns (uint[] memory twaReserves, bytes memory) {
258: return twaReserves;
259: } catch {
260: return (new uint256[](2));
261: }
262: }
GitHub : 248-262
File: contracts/libraries/Silo/LibLegacyTokenSilo.sol
/// @audit ******************* Issue Detail *******************
LibLegacyTokenSilo._mowAndMigrateMerkleCheck(address,uint256,uint256,bytes32[],uint256) (contracts/libraries/Silo/LibLegacyTokenSilo.sol#355-399) ignores return value by:
- LibSilo.burnActiveStalk(account,currentStalkDiff) (contracts/libraries/Silo/LibLegacyTokenSilo.sol#393-396)
/// @audit ************** Possible Issue Line(s) **************
L#393-396,
/// @audit ****************** Affected Code *******************
393: LibSilo.burnActiveStalk(
394: account,
395: currentStalkDiff
396: );
GitHub : 355-399
File: contracts/beanstalk/sun/SeasonFacet/Weather.sol
/// @audit ******************* Issue Detail *******************
Weather.sop() (contracts/beanstalk/sun/SeasonFacet/Weather.sol#181-213) ignores return value by:
- C.bean().approve(sopWell,sopBeans) (contracts/beanstalk/sun/SeasonFacet/Weather.sol#202)
/// @audit ************** Possible Issue Line(s) **************
L#202,
/// @audit ****************** Affected Code *******************
202: C.bean().approve(sopWell, sopBeans);
GitHub : 181-213
File: contracts/beanstalk/silo/SiloFacet/SiloGettersFacet.sol
/// @audit ******************* Issue Detail *******************
SiloGettersFacet.balanceOfRoots(address) (contracts/beanstalk/silo/SiloFacet/SiloGettersFacet.sol#357-364) ignores return value by:
- (germinatingRoots) = LibGerminate.getFinishedGerminatingStalkAndRoots(account,s.a[account].lastUpdate,s.season.current) (contracts/beanstalk/silo/SiloFacet/SiloGettersFacet.sol#358-362)
/// @audit ************** Possible Issue Line(s) **************
L#358-362,
/// @audit ****************** Affected Code *******************
357: function balanceOfRoots(address account) external view returns (uint256) {
358: (, uint256 germinatingRoots) = LibGerminate.getFinishedGerminatingStalkAndRoots(
359: account,
360: s.a[account].lastUpdate,
361: s.season.current
362: );
363: return s.a[account].roots.add(germinatingRoots);
364: }
GitHub : 357-364
Impact
return variables must be checked for errors to decided next execution path.
Tools Used
Manual Review
Recommendations
Ensure that all the return values of the function calls are used.
Updates
Lead Judging Commences
giovannidisiena over 1 year ago
Submission Judgement Published Reason: Too generic
Assigned finding tags:
Informational/Invalid
Prize pool breakdown
Total prize
100,000 USDC
nSLOC
5,77617 USDC / LOC
95,000 USDC
5,000 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.