Flow

Sablier
FoundryDeFi
20,000 USDC
Submission Details
Severity: medium
Invalid

Missing Zero Address Check for `Recipient` in `SablierFlowBase::_update` May Cause Token Loss on Withdrawal

Summary

SablierFlowBase::_update does not check that the `to` address (the new stream recipient) is non-zero, so a stream could be left with the zero address as its recipient.

Vulnerability Details

The `to` parameter of `_update` becomes the owner of the stream NFT, and the NFT owner is the stream's recipient. Because `_update` never compares `to` against `address(0)`, a stream could be updated with the zero address as its recipient. Once that happens, no account can withdraw on the stream's behalf, so the tokens still held by that stream would be permanently inaccessible.

Impact

If a stream's recipient becomes the zero address, the tokens remaining in that stream can no longer be withdrawn by anyone; any withdrawal attempt fails or targets an address nobody controls, so the loss is irreversible.

Tools Used

Manual review

Recommendations

To address this issue, add a zero address check on `to` in `SablierFlowBase::_update` that reverts with a dedicated error.
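As an added illustration (not code from this submission or from Sablier), the Foundry test below uses a hypothetical `StreamNFT` stand-in with the same `_update` override shape as the page shows, and assumes the base contract is OpenZeppelin Contracts v5 `ERC721`, which the `_update(to, streamId, auth)` signature and the `_ownerOf` helper match. It checks two things a practitioner would want to confirm before applying the recommendation: the base `transferFrom` already rejects a zero `to` with `ERC721InvalidReceiver(address(0))` before `_update` is reached, and a guard placed inside `_update` also fires on `_burn`, which OpenZeppelin implements as `_update(address(0), tokenId, address(0))`. The `create` and `burn` functions, the `rejectZeroRecipient` flag and the error names are assumptions made for the demonstration; the page's `updateMetadata` modifier is omitted.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.22;

// Added example, not Sablier code. Assumes forge-std and OpenZeppelin Contracts v5 are installed.
import {Test} from "forge-std/Test.sol";
import {ERC721} from "@openzeppelin/contracts/token/ERC721/ERC721.sol";
import {IERC721Errors} from "@openzeppelin/contracts/interfaces/draft-IERC6093.sol";

/// @dev Hypothetical stand-in for SablierFlowBase with the same `_update` override shape.
///      `rejectZeroRecipient` toggles the guard proposed in the submission.
contract StreamNFT is ERC721 {
    error StreamNFT_InvalidRecipientAddress();
    error StreamNFT_NotTransferable(uint256 streamId);

    bool public immutable rejectZeroRecipient;
    mapping(uint256 streamId => bool) public isTransferable;

    constructor(bool rejectZeroRecipient_) ERC721("Stream NFT", "STRM") {
        rejectZeroRecipient = rejectZeroRecipient_;
    }

    /// @dev Hypothetical creation path: the recipient is the NFT owner, as in Flow.
    function create(address recipient, uint256 streamId, bool transferable) external {
        isTransferable[streamId] = transferable;
        _mint(recipient, streamId);
    }

    /// @dev Hypothetical burn path, present only to show how `_burn` reaches `_update`.
    function burn(uint256 streamId) external {
        _burn(streamId);
    }

    function _update(address to, uint256 streamId, address auth) internal override returns (address) {
        // The submission's proposed guard: it runs on every ownership change, burns included.
        if (rejectZeroRecipient && to == address(0)) {
            revert StreamNFT_InvalidRecipientAddress();
        }
        address from = _ownerOf(streamId);
        // Mirrors the page's override: mints (from == 0) bypass the transferability check.
        if (from != address(0) && !isTransferable[streamId]) {
            revert StreamNFT_NotTransferable(streamId);
        }
        return super._update(to, streamId, auth);
    }
}

contract ZeroRecipientTest is Test {
    address internal alice = makeAddr("alice");

    /// Without any extra guard, the ERC-721 base already refuses a zero `to` on transfer.
    function test_TransferToZeroRejectedByBase() public {
        StreamNFT nft = new StreamNFT(false);
        nft.create(alice, 1, true);
        vm.prank(alice);
        vm.expectRevert(abi.encodeWithSelector(IERC721Errors.ERC721InvalidReceiver.selector, address(0)));
        nft.transferFrom(alice, address(0), 1);
        assertEq(nft.ownerOf(1), alice); // ownership unchanged
    }

    /// With the proposed guard, a burn (OZ: _update(address(0), id, address(0))) reverts as well.
    function test_ProposedGuardBlocksBurn() public {
        StreamNFT nft = new StreamNFT(true);
        nft.create(alice, 1, true);
        vm.expectRevert(StreamNFT.StreamNFT_InvalidRecipientAddress.selector);
        nft.burn(1);
        assertEq(nft.ownerOf(1), alice); // token still exists
    }
}
```

Run with `forge test` in a project that has `forge-std` and `@openzeppelin/contracts` v5 as dependencies. The second test is the reason to be careful with the placement of the check: if a Flow-specific zero-recipient error is wanted, it belongs where a recipient address is accepted from a caller, not in `_update`, where it also blocks every code path that legitimately passes `address(0)` as `to`.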

Suggested Code Changes

In Errors.sol:

+ /// @notice Thrown when the recipient is a zero address.
+ error SablierFlow_InvalidRecipientAddress();
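Review bot: the new error's prefix does not match the naming already used by this contract's errors; the only error raised from the override being patched, `Errors.SablierFlowBase_NotTransferable(streamId)`, carries the `SablierFlowBase_` prefix, so this one should be `SablierFlowBase_InvalidRecipientAddress` (with the matching `revert` in the `_update` change updated to the same name) so that base-contract errors stay grouped and consistently named.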

In SablierFlowBase::_update:

function _update(
address to,
uint256 streamId,
address auth
)
internal
override
updateMetadata(streamId)
returns (address)
{
+ if (to == address(0)) {
+ revert Errors.SablierFlow_InvalidRecipientAddress();
+ }
address from = _ownerOf(streamId);
if (from != address(0) && !_streams[streamId].isTransferable) {
revert Errors.SablierFlowBase_NotTransferable(streamId);
}
return super._update(to, streamId, auth);
}
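Review bot: the `to == address(0)` guard is placed in `_update`, which every ownership change passes through, not only transfers, so it is both redundant for transfers and too broad for everything else. `super._update` is the ERC-721 base implementation (assumed here to be OpenZeppelin's ERC721, whose `_update(address to, uint256 tokenId, address auth)` signature and `_ownerOf` helper this override matches); that base's `transferFrom` already reverts with `ERC721InvalidReceiver(address(0))` for a zero `to` before `_update` runs, and its `_burn` deliberately calls `_update(address(0), tokenId, address(0))`, so this guard would make any burn of a stream NFT revert with `SablierFlow_InvalidRecipientAddress`. If a Flow-specific zero-recipient error is still wanted, raise it where a recipient address is taken from a caller rather than here, and keep `_update` limited to the transferability check it already performs.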
Updates

Lead Judging Commences

inallhonesty Lead Judge 8 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
