Omniscia Stakewise Audit
PoolValidators Static Analysis Findings
PoolValidators Static Analysis Findings
PVS-01S: Inexistent Zero-Based Input Validation
| Type | Severity | Location |
|---|---|---|
| Input Sanitization | Minor | PoolValidators.sol:L38-L45 |
Description:
The input arguments of the linked function are of the address type, are set once and are not validated to be different from the zero-address.
Example:
contracts/pool/PoolValidators.sol
38/**39 * @dev See {IPoolValidators-initialize}.40 */41function initialize(address _admin, address _pool, address _oracles) external override initializer {42 __OwnablePausableUpgradeable_init(_admin);43 pool = IPool(_pool);44 oracles = _oracles;45}Recommendation:
We advise such validations to be introduced to ensure no misconfiguration can occur.
Alleviation:
All arguments are now properly sanitized against the zero-address.