First Flight #21: KittyFi

First Flight #21
Tags: Beginner Friendly, DeFi, Foundry
100 EXP
Submission Details
Severity: high
Status: Invalid

Lack of Validation for Token Addresses in `KittyPool::meownufactureKittyVault`

Description: The `KittyPool::meownufactureKittyVault` function does not validate the `_token` and `_priceFeed` addresses it receives, so a vault can be created for an invalid or malicious token or price feed.

Impact: A vault created with invalid or malicious addresses could lead to loss of funds or other unexpected behavior.

Proof of Concept: An attacker could potentially call the function with invalid addresses:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Minimal interface for the call used below (the real type is the KittyPool contract from the KittyFi repo)
interface IKittyPool {
    function meownufactureKittyVault(address _token, address _priceFeed) external;
}

// Attacker contract
contract AttackKittyPool {
    IKittyPool public kittyPool;

    constructor(address _kittyPool) {
        kittyPool = IKittyPool(_kittyPool);
    }

    function attack() public {
        // Create a vault with invalid (zero) addresses for both the token and the price feed.
        // Note: meownufactureKittyVault is guarded by onlyMeowntainer, so this call only
        // succeeds when this contract is the meowntainer.
        kittyPool.meownufactureKittyVault(address(0), address(0));
    }
}
```

Recommended Mitigation: Add validation checks to ensure that addresses are non-zero and valid.

```solidity
function meownufactureKittyVault(address _token, address _priceFeed) external onlyMeowntainer {
    // Reject the zero address for both inputs before any state change or deployment
    require(_token != address(0), "Invalid token address");
    require(_priceFeed != address(0), "Invalid price feed address");
    require(tokenToVault[_token] == address(0), KittyPool__TokenAlreadyExistsMeeoooww());
    // Deploy the vault with CREATE2, using the token symbol as the salt
    address _kittyVault = address(new KittyVault{ salt: bytes32(abi.encodePacked(ERC20(_token).symbol())) }(_token, address(this), _priceFeed, i_euroPriceFeed, meowntainer, i_aavePool));
    tokenToVault[_token] = _kittyVault;
    vaults.push(_kittyVault);
}
```
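The mitigation above only rules out the zero address. The following library, added here as an illustration and not part of the KittyFi code or this submission, goes further and checks that `_token` is a deployed contract whose `symbol()` (used as the CREATE2 salt) can be read, and that `_priceFeed` answers `latestRoundData()` with a positive, recent price. The interface shapes, the library name and the `MAX_FEED_AGE` window are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumed minimal interfaces (the real project would import OpenZeppelin and Chainlink)
interface IERC20Metadata {
    function symbol() external view returns (string memory);
}

interface AggregatorV3Interface {
    function latestRoundData()
        external
        view
        returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
}

// Hypothetical helper: call VaultParamCheck.validate(_token, _priceFeed) at the top of meownufactureKittyVault
library VaultParamCheck {
    error ZeroAddress(string which);
    error NotAContract(address addr);
    error BadToken(address token);
    error BadPriceFeed(address feed);

    uint256 internal constant MAX_FEED_AGE = 1 days; // assumed staleness window

    /// @dev Reverts unless `_token` is a deployed contract with a non-empty symbol and
    ///      `_priceFeed` is a deployed feed returning a positive, fresh answer.
    function validate(address _token, address _priceFeed) internal view {
        if (_token == address(0)) revert ZeroAddress("token");
        if (_priceFeed == address(0)) revert ZeroAddress("priceFeed");
        if (_token.code.length == 0) revert NotAContract(_token);
        if (_priceFeed.code.length == 0) revert NotAContract(_priceFeed);

        // symbol() feeds the CREATE2 salt, so it must neither revert nor be empty.
        // A revert inside the call is caught; a malformed return still reverts, which is acceptable.
        try IERC20Metadata(_token).symbol() returns (string memory sym) {
            if (bytes(sym).length == 0) revert BadToken(_token);
        } catch {
            revert BadToken(_token);
        }

        // A feed that reverts here reverts vault creation; a stale or non-positive answer is rejected.
        (, int256 answer, , uint256 updatedAt, ) = AggregatorV3Interface(_priceFeed).latestRoundData();
        if (answer <= 0 || updatedAt == 0 || block.timestamp - updatedAt > MAX_FEED_AGE) {
            revert BadPriceFeed(_priceFeed);
        }
    }
}
```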
Updates

Lead Judging Commences

shikhar229169 Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
