Omniscia Steadefi Audit

JoeOracle Static Analysis Findings

JOE-01S: Inexistent Sanitization of Input Addresses

Type	Severity	Location
Input Sanitization		JoeOracle.sol:L19

Description:

The linked function(s) accept address arguments yet do not properly sanitize them.

Impact:

The presence of zero-value addresses, especially in constructor implementations, can cause the contract to be permanently inoperable. These checks are advised as zero-value inputs are a common side-effect of off-chain software related bugs.

Example:

contracts/oracles/JoeOracle.sol

19constructor(address _factory, address _router, address _chainlinkOracle) {
20  factory = _factory;
21  router = _router;
22  chainlinkOracle = _chainlinkOracle;
23}

Recommendation:

We advise some basic sanitization to be put in place by ensuring that each address specified is non-zero.

Alleviation (4325253d6de0ea91c1e9fb9e01d2e7e98f3d83a9):

The constructor of the JoeOracle implementation adequately sanitizes its address input arguments in the latest implementation, ensuring that the contract cannot be misconfigured during its deployment.

Omniscia Steadefi Audit

JoeOracle Static Analysis Findings

JoeOracle Static Analysis Findings

JOE-01S: Inexistent Sanitization of Input Addresses

Description:

Impact:

Example:

Recommendation:

Alleviation (4325253d6de0ea91c1e9fb9e01d2e7e98f3d83a9):

GMXPerpetualDEXLongVault.sol (GMX-S)

LendingPool.sol (LPL-S)

On this page