no validation Of create2 Return Value

[hats-bug-reporter]

Github username: @MGF15
Twitter username: --
Submission hash (on-chain): 0xe8434e228f31c69ce6d26d181da8bc69435498b7530a570c39244ad877a69f98
Severity: low

Description:
Description
The function createSwapPair in both StableSwapThreePoolDeployer and StableSwapTwoPoolDeployer does not revert properly if there is a failed contract deployment or revert from the create2 opcode as it does not properly check the returned address for bytecode. The create2 opcode returns the expected address which will never be the zero address (as is what is currently checked).

Attachments

1. Proof of Concept (PoC) File

assembly {
            swapContract := create2(0, add(bytecode, 32), mload(bytecode), salt) // @audit no validation Of create2 Return Value
        }
        StableSwapTwoPool(swapContract).initialize(coins, _A, _fee, _admin_fee, _admin, _LP);

assembly {
            swapContract := create2(0, add(bytecode, 32), mload(bytecode), salt)
        }
        StableSwapThreePool(swapContract).initialize(coins, _A, _fee, _admin_fee, _admin, _LP);

recommended to add a validation Of create2 Return Value before deploy SwapPool

[MGF15]

@omega-audits can i have a feedback ?

[omega-audits]

in the issue, you say that the current implement is "improper", but did not describe any vulnerability or unexpected behavior.

Seems to me that that in cases where create2 fails, the function will revert on the call to initialize. Is there a scenario where this is not the case?