code423n4 Code4rena CODE423N4:2023-11-KELP-FINDINGS-ISSUES-883
Nov 15, 2023 - 12:00 a.m.

Failure to Initialize Default Price Feeds Can Cause Unexpected Reverts

Code4rena
github.com
chainlink
pricefeed
unexpectedrevert
asset
mapping

6.8 Medium

AI Score

Confidence

High

Lines of code

Vulnerability details

Impact

The ChainlinkPriceOracle contract does not initialize default price feed mappings for supported assets. This means calling the getAssetPrice function before explicitly setting a feed will result in a revert instead of a defined failure response.

Details:

The contract relies on price feeds stored in a mapping but does not populate this mapping on deployment.
If getAssetPrice is called before any feeds are set using updatePriceFeedFor, it will throw an error.
A more user-friendly failure response should be returned instead of an unexpected revert in this case.
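The failure mode above, shown as an added sketch that is not the audited contract's code: `OracleSketch`, `IAggregator`, `getAssetPriceUnchecked`, the admin check and all error names are assumptions for illustration; only `getAssetPrice`, `updatePriceFeedFor` and the feed mapping come from the finding. The unchecked lookup calls whatever address the mapping holds, while the checked one returns a named error when no feed is set.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.21;

// Added illustration; a simplified sketch, not the audited source.
interface IAggregator {
    function latestAnswer() external view returns (int256);
}

contract OracleSketch {
    // Empty after deployment: every asset maps to address(0) until a feed is set.
    mapping(address => address) public assetPriceFeed;
    address public immutable admin;

    error NotAdmin();
    error ZeroFeedAddress();
    error PriceFeedNotSet(address asset);
    error InvalidPrice(address asset, int256 answer);

    constructor() {
        admin = msg.sender;
    }

    function updatePriceFeedFor(address asset, address feed) external {
        if (msg.sender != admin) revert NotAdmin();
        if (feed == address(0)) revert ZeroFeedAddress();
        assetPriceFeed[asset] = feed;
    }

    // Behaviour described in the finding: with no feed set this is a call to
    // address(0), which has no code, so it reverts with empty revert data.
    function getAssetPriceUnchecked(address asset) external view returns (uint256) {
        return uint256(IAggregator(assetPriceFeed[asset]).latestAnswer());
    }

    // Defined failure: the caller gets a named error identifying the asset.
    function getAssetPrice(address asset) external view returns (uint256) {
        address feed = assetPriceFeed[asset];
        if (feed == address(0)) revert PriceFeedNotSet(asset);
        int256 answer = IAggregator(feed).latestAnswer();
        // Reject non-positive answers before casting to an unsigned value.
        if (answer <= 0) revert InvalidPrice(asset, answer);
        return uint256(answer);
    }
}
```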

Tools Used

Recommended Mitigation Steps

Assessed type

Oracle

