Tadle

DeFiFoundry
27,750 USDC
Submission Details
Severity: medium
Invalid

Rescuable.sol: the rescue recipient address must be checked against the zero address

Summary

When the owner calls rescue(), the function does not check whether the rescue address is the zero address. If it is, the call does not revert when executing payable(to).transfer(amount), and the owner permanently loses the transferred funds.

Vulnerability Details

    /**
     * @notice The caller must be the owner.
     * @dev Rescues an account.
     * @param to The address of the account to rescue.
     * @param token The token to rescue. If 0, it is ether.
     * @param amount The amount to rescue.
     * @notice The caller must be the owner.
     */
    function rescue(
        address to,
        address token,
        uint256 amount
    ) external onlyOwner {
        if (token == address(0x0)) {
            payable(to).transfer(amount);
        } else {
            _safe_transfer(token, to, amount);
        }
        emit Rescue(to, token, amount);
    }

The recipient parameter (address to) is never checked. The function also takes a second address parameter, token, and when token is the zero address the function transfers ETH, so the two address arguments are easy to confuse. The recipient must be explicitly required to be a non-zero address.

Impact

The owner may permanently lose ETH.

Tools Used

Manual code review.

Recommendations

Add a require() check so that the recipient (to) cannot be the zero address.

    function rescue(
        address to,
        address token,
        uint256 amount
    ) external onlyOwner {
        require(to != address(0), "to can't be address(0)"); // reject the zero address as recipient
        if (token == address(0x0)) {
            payable(to).transfer(amount);
        } else {
            _safe_transfer(token, to, amount);
        }
        emit Rescue(to, token, amount);
    }
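The behaviour described above and the effect of the recommended check can be confirmed with a Foundry test. This is an added example, not code from the submission or from Tadle: RescueHarness is a constructed stand-in that keeps only the ETH branch of rescue(), and the guarded flag and the test names are assumptions. It requires forge-std.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.13;

import {Test} from "forge-std/Test.sol";

// Constructed stand-in for the quoted rescue() logic (ETH branch only).
// RescueHarness and the `guarded` switch are assumptions for this example.
contract RescueHarness {
    address public immutable owner = msg.sender;
    bool public immutable guarded; // true = recommended zero-address check is active

    constructor(bool guarded_) payable {
        guarded = guarded_;
    }

    function rescue(address to, uint256 amount) external {
        require(msg.sender == owner, "not owner");
        if (guarded) require(to != address(0), "to can't be address(0)");
        payable(to).transfer(amount);
    }
}

contract RescueZeroAddressTest is Test {
    function setUp() public {
        vm.deal(address(this), 2 ether); // fund the deployer for both tests
    }

    function test_unguardedRescueSendsEthToZeroAddress() public {
        RescueHarness h = new RescueHarness{value: 1 ether}(false);
        uint256 zeroBefore = address(0).balance;

        h.rescue(address(0), 1 ether); // succeeds: transfer() to address(0) does not revert

        assertEq(address(h).balance, 0);
        assertEq(address(0).balance, zeroBefore + 1 ether); // funds are unrecoverable
    }

    function test_guardedRescueRevertsAndKeepsFunds() public {
        RescueHarness h = new RescueHarness{value: 1 ether}(true);

        vm.expectRevert(bytes("to can't be address(0)"));
        h.rescue(address(0), 1 ether);

        assertEq(address(h).balance, 1 ether); // balance untouched after the revert
    }
}
```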
Updates

Lead Judging Commences

0xnevi Lead Judge
about 1 year ago
Submission Judgement Published
Invalidated
Reason: Known issue
