debtDelta and the return value of _accountDelta() are int256. When flipping the sign of the lowest possible int256 value, an overflow is triggered which would making the flip a no-op.
In this scenario, no real harm is done as the debtDelta is consumed by a controller or user contract, and should be well beyond any practical use.
Description
The following function in LoanPositionManager can overflow:
https://github.com/clober-dex/coupon-finance/blob/12f848f1421151b3c5f51a01ba38704339a1a3db/contracts/LoanPositionManager.sol#L101-L112
debtDelta
and the return value of_accountDelta()
areint256
. When flipping the sign of the lowest possibleint256
value, an overflow is triggered which would making the flip a no-op. In this scenario, no real harm is done as thedebtDelta
is consumed by a controller or user contract, and should be well beyond any practical use.