Submission Details
Severity:
Lack of check 0 address in the constructor
Summary
The constructor initializes the CharityRegistry, but there is no validation to check if the address is zero.
Vulnerability Details
Lack of validation of 0 address in the constructor during initialization of CharityRegistry.
constructor(address _registry) ERC721("DonationReceipt", "DRC") {
// @audit here should be validation of the 0 address.
registry = CharityRegistry(msg.sender);
owner = msg.sender;
tokenCounter = 0;
}
Impact
Initializing the CharityRegistry with a zero address disrupts protocol functionality. It is essential to validate the address during initialization to ensure the proper functioning of the protocol.
Tools Used
manual review
Recommendations
Please add 0 address validation in the constructor.
require(_registry != address(0), "Invalid registry address")
constructor(address _registry) ERC721("DonationReceipt", "DRC") {
// @audit here should be validation of the 0 address.
require(_registry != address(0), "Invalid registry address")
registry = CharityRegistry(msg.sender);
owner = msg.sender;
tokenCounter = 0;
}
Rewards breakdown
nSLOC
67This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.