Part 2

Zaros

PerpetualsDEXFoundrySolidity

70,000 USDC

View results

Previous Next

Submission Details

Severity: low

Invalid

Missing Return Statements in Functions: Risk of Unintended Behavior

grimreaper

Summary

Throughout the codebase, several functions are missing explicit return statements, even though they are expected to return a value. This issue can result in unintended behavior, such as returning uninitialized variables or incorrect data. Properly initializing return variables and including explicit return statements are critical to maintaining the integrity and predictability of the functions.

Vulnerability Details

Description

The following functions in the codebase are identified as missing explicit return statements:

getCustomReferralCodeReferrer in MarketMakingEngineConfigurationBranch.sol.
checkLog in MarketOrderKeeper.sol.
decimals in MockERC20WithNoDecimals.sol.
factory in MockUniswapV2SwapStrategyRouter.sol.
WETH in MockUniswapV2SwapStrategyRouter.sol.

The lack of explicit return statements can cause these functions to return uninitialized or garbage values, which may lead to unpredictable behavior or failures in the system.

Impact

Uninitialized Variables: Functions without explicit return statements may return uninitialized values, leading to logical errors in downstream operations.
Security Risks: Returning incorrect or undefined data may cause unexpected vulnerabilities when interacting with other contracts or systems.
Developer Confusion: Missing return statements reduce code clarity, making it harder to debug and maintain.

Tools Used

Remix IDE: To review the function implementations and identify the missing return statements.
Slither: For static analysis to detect uninitialized return values.
MythX: To confirm the behavior of functions without explicit return statements.

Recommendations

Add Explicit Return Statements:
Ensure that all functions with a return type include explicit return statements. For example:

function decimals() public view returns (uint8) {

return 18; // Explicit return

}

Initialize Return Variables:
Initialize all return variables within the function to avoid returning undefined values:

function getCustomReferralCodeReferrer(address user) public view returns (address) {

address referrer = address(0); // Initialize with default value

// Logic to set referrer

return referrer;

}

Improve Code Clarity with Comments:
Add comments to functions to explain the intended return values and their significance, improving readability for developers.

Conduct Thorough Testing:
Write unit tests to validate the expected outputs of these functions and ensure they return the correct values.

Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Prize pool breakdown

Total prize

70,000 USDC

nSLOC

3,258

21 USDC / LOC

High Medium

66,500

Low

3,500

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.