code-423n4 / 2021-04-vader-findings

Not needed check for uint > 0 #256

Open code423n4 opened 3 years ago

code423n4 commented 3 years ago

Handle

s1m0

Vulnerability details

Impact

The following functions check that a uint > 0, but it's always true.

Proof of Concept

https://github.com/code-423n4/2021-04-vader/blob/main/vader-protocol/contracts/Utils.sol#L278

https://github.com/code-423n4/2021-04-vader/blob/main/vader-protocol/contracts/Utils.sol#L197

https://github.com/code-423n4/2021-04-vader/blob/main/vader-protocol/contracts/Vader.sol#L127

Tools Used

Manual analysis

Recommended Mitigation Steps

Remove the checks.

0xBrian commented 3 years ago

Two of those really were tautologies. Checking uint >= 0 really is needless. But checking uint > 0 is OK.

0xBrian commented 3 years ago

At some point we got rid of all the uint >= 0 tautological checks.