QS-9 Missing Input Validation #61
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
amarinkovic
force-pushed
the
QS-9-input-validation
branch
2 times, most recently
from
4f267bc
to
ba58fdc
Compare
amarinkovic
force-pushed
the
QS-9-input-validation
branch
from
ba58fdc
to
0f41e45
Compare
kevin-fruitful
force-pushed
the
audit-fixes
branch
from
f176185
to
0d0bdd4
Compare
amarinkovic
force-pushed
the
QS-9-input-validation
branch
from
f11e4de
to
8962097
Compare
amarinkovic
added a commit
that referenced
this pull request
Apr 27, 2023
* fix: Insufficient Contract Pausability [NAY-12] * fix: Adding Wrapped Participation Tokens as Supported External [NAY-14] * fix(6): trading commission total BP * fix(3): stakeholders arrays are sized properly * fix(8): validate upgrade expiration period updates * fix(9): validate upgrade cancellation * fix(10): validate token name is not empty * fix: formatting * fix(5): minimum policy coverage time --------- Co-authored-by: Kevin Park <kevin@fruitful.gg>
amarinkovic
added a commit
that referenced
this pull request
Apr 28, 2023
* fix: Insufficient Contract Pausability [NAY-12] * fix: Adding Wrapped Participation Tokens as Supported External [NAY-14] * fix(6): trading commission total BP * fix(3): stakeholders arrays are sized properly * fix(8): validate upgrade expiration period updates * fix(9): validate upgrade cancellation * fix(10): validate token name is not empty * fix: formatting * fix(5): minimum policy coverage time --------- Co-authored-by: Kevin Park <kevin@fruitful.gg>
amarinkovic
added a commit
that referenced
this pull request
May 8, 2023
* fix: normalize dividends withdrawn so far, for both parties involved when transferring entity tokens [NAY-2] * fix: double-counting of dividend payouts [NAY-3] * fix: incorrect accounting of sysAdmins when reassigning system role [NAY-6] * fix: fuzzer config * fix: Invalid Entity Update [NAY-7] * chore: remove unnecessary test file T02Helpers.sol * fix: Id Aliasing Between Addresses and Associated Objectid [NAY-8] * chore: delete T01SmartDeploymentV1.t.sol * fix: Insufficient Contract Pausability [NAY-12] * fix: Adding Wrapped Participation Tokens as Supported External [NAY-14] * fix: phased diamond cut now keccak256 hashes all 3 diamond cut params to check if an upgrade is valid [NAY-1] * fix: premium amount overspending [NAY-4] * fix: Missing Input Validation (#61) [NAY-9] * fix: Insufficient Contract Pausability [NAY-12] * fix: Adding Wrapped Participation Tokens as Supported External [NAY-14] * fix(6): trading commission total BP * fix(3): stakeholders arrays are sized properly * fix(8): validate upgrade expiration period updates * fix(9): validate upgrade cancellation * fix(10): validate token name is not empty * fix: formatting * fix(5): minimum policy coverage time --------- Co-authored-by: Kevin Park <kevin@fruitful.gg> * fix: Allowance Double-Spend Exploit [NAY-16] * fix: owner and system admin are now mutually exclusive. removed optimistic matching in the match making algorithm. updated Nayms diamond and deployment scripts. [NAY-11] * fix: improve observability [NAY-22] * Adherence to Best Practices (#62) * fix: unused imports, typos and redundant code * fix: commission arrays length limit * fix: index address in events * fix: reuse variables * fix: remove redundant struct * chore: remove LibMeta.sol * refactor: LibDiamond.initializeDiamondCut() throws error InitializationFunctionReverted instead of require msg * docs: remove todo comments in code * docs: improve explanation of UserFacet * doc: fix some missing natspec comments * doc: fix some typos * fix: rename role updated event * doc: clarify premium commission basis points * fix: comment typos * fix: policy event test --------- Co-authored-by: Kevin Park <kevin@fruitful.gg> * test: fix changePrank fails with no prank in progress to stop * fix: duplicate function selector, missing externalWithdrawFromEntity in lock and _unlockAllFundTransferFunctions() amendment [NAY-12] * fix: lock and unlockFunction() now emit FunctionsLocked and FunctionsUnlocked amendment [NAY-22] * fix: remove _addressToBytes32(), _bytes32ToString(), unused lib imports, add docs to _stringToBytes32() [NAY-bonus1] * chore: update version flag to post audit --------- Co-authored-by: Kevin Park <kevin@fruitful.gg>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Address what is reported in QS-9