no validation Of create2 Return Value #97

Open
hats-bug-reporter bot opened this issue Oct 13, 2024 · 2 comments
Labels: bug (Something isn't working), invalid (This doesn't seem right)

Comments

@hats-bug-reporter

Github username: @MGF15
Twitter username: --
Submission hash (on-chain): 0xe8434e228f31c69ce6d26d181da8bc69435498b7530a570c39244ad877a69f98
Severity: low

Description:
The function createSwapPair in both StableSwapThreePoolDeployer and StableSwapTwoPoolDeployer does not revert properly if there is a failed contract deployment or revert from the create2 opcode as it does not properly check the returned address for bytecode. The create2 opcode returns the expected address which will never be the zero address (as is what is currently checked).

Attachments

  1. Proof of Concept (PoC) File

```solidity
// Excerpt from createSwapPair in StableSwapTwoPoolDeployer
assembly {
    swapContract := create2(0, add(bytecode, 32), mload(bytecode), salt) // @audit no validation Of create2 Return Value
}
StableSwapTwoPool(swapContract).initialize(coins, _A, _fee, _admin_fee, _admin, _LP);
```

```solidity
// Excerpt from createSwapPair in StableSwapThreePoolDeployer
assembly {
    swapContract := create2(0, add(bytecode, 32), mload(bytecode), salt)
}
StableSwapThreePool(swapContract).initialize(coins, _A, _fee, _admin_fee, _admin, _LP);
```

It is recommended to add validation of the create2 return value before deploying the SwapPool.

@hats-bug-reporter hats-bug-reporter bot added the bug Something isn't working label Oct 13, 2024
@omega-audits omega-audits added the invalid This doesn't seem right label Oct 13, 2024
@MGF15

MGF15 commented Oct 13, 2024

@omega-audits Can I have feedback?

@omega-audits

In the issue, you say that the current implementation is "improper", but did not describe any vulnerability or unexpected behavior.

Seems to me that in cases where create2 fails, the function will revert on the call to initialize. Is there a scenario where this is not the case?
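
The following is an added example, not part of the issue thread or the project's code. It places the unchecked `create2` pattern quoted in the issue next to a variant that validates the result, so the two failure paths can be compared; `ExamplePool`, `ExampleDeployer`, `Create2Failed` and both function names are hypothetical stand-ins.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical stand-in for a pool contract; not the project's StableSwapTwoPool.
contract ExamplePool {
    address public admin;

    function initialize(address _admin) external {
        require(admin == address(0), "already initialized");
        admin = _admin;
    }
}

// Hypothetical deployer showing the quoted pattern next to an explicit check.
contract ExampleDeployer {
    error Create2Failed(bytes32 salt);

    // Pattern quoted in the issue: no check on the create2 result.
    function deployUnchecked(bytes32 salt) external returns (address pool) {
        bytes memory bytecode = type(ExamplePool).creationCode;
        assembly {
            pool := create2(0, add(bytecode, 32), mload(bytecode), salt)
        }
        // On failure pool is address(0). This high-level call returns no data,
        // so the compiler emits an extcodesize check and the call reverts with
        // empty revert data when address(0) holds no code.
        ExamplePool(pool).initialize(msg.sender);
    }

    // Same deployment with the result validated before use.
    function deployChecked(bytes32 salt) external returns (address pool) {
        bytes memory bytecode = type(ExamplePool).creationCode;
        assembly {
            pool := create2(0, add(bytecode, 32), mload(bytecode), salt)
        }
        // create2 leaves 0 on the stack when deployment fails, for example
        // when a contract already exists at the salt-derived address.
        if (pool == address(0)) revert Create2Failed(salt);
        ExamplePool(pool).initialize(msg.sender);
    }
}
```

Calling either function twice with the same salt makes the second `create2` fail: `deployUnchecked` reverts at `initialize` with no reason data, while `deployChecked` reverts with `Create2Failed(salt)`.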
