Mystery Box

First Flight #25
Beginner FriendlyFoundry
100 EXP
View results
Submission Details
Severity: low
Invalid

changeOwner() does not check if address provided is zero address

Summary

changeOwner() does not check if the address provided is a zero address. Thus, all Ether on the contract can be blocked.

Vulnerability Details

It's better to check if the address provided is not the zero address when changing the owner

Impact

All ether can be blocked on the contract

Recommendations

Check that the owner address provided is not the zero address

function changeOwner(address _newOwner) public {
+ require(_newOwner != address(0), "Please input a valid address");
owner = _newOwner;
}
Updates

Appeal created

inallhonesty Lead Judge 9 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.