There is many missing checks in nextgenadmin contract. #785
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
duplicate-644
insufficient quality report
This report is not of sufficient quality
unsatisfactory
does not satisfy C4 submission criteria; not eligible for awards
Comments
c4-submissions
added
2 (Med Risk)
c4-pre-sort
added
the
insufficient quality report
|
141345 marked the issue as insufficient quality report |
|
bot race known issue L-02 |
|
alex-ppg marked the issue as duplicate of #644 |
|
alex-ppg marked the issue as unsatisfactory: |
c4-judge
added
the
unsatisfactory
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Lines of code
https://github.com/code-423n4/2023-10-nextgen/blob/main/smart-contracts/NextGenAdmins.sol#L15
Vulnerability details
Proof of Concept
In every function there is missing input validation i.e there is no check input data emptiness .
There is no check of address(0), 0 bytes,0 value of uint. There is also no check of existence of _collectionID(maybe collection id is not created still).
Tools Used
manual review
Recommended Mitigation Steps
Validate all function inputs correctly.
Assessed type
Invalid Validation
The text was updated successfully, but these errors were encountered: