code-423n4 / 2021-06-gro-findings

`Buoy3Pool._updateRatios` unsafe math #105

Open code423n4 opened 3 years ago

code423n4 commented 3 years ago

Handle

cmichel

Vulnerability details

The function performs type conversions and subtraction without over-/underflow checks:

uint256 check = abs(int256(_ratio) - int256(chainRatios[i].div(CHAIN_FACTOR)));

Recommended Mitigation Steps

We recommend checking if the values fit within the type range first, otherwise revert with a meaningful error message, as well as checking for underflows.
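To make the failure mode concrete, here is an added Python model of the quoted line (not the gro project's code): it reproduces Solidity <0.8 semantics, where the `uint256 -> int256` cast reinterprets bits and `int256` subtraction wraps silently, and places it beside a checked version that reverts on out-of-range input. The value of `CHAIN_FACTOR` and the body of the `abs` helper are assumptions, since neither appears in the finding.

```python
"""Model of abs(int256(_ratio) - int256(chainRatios[i].div(CHAIN_FACTOR))).

Constructed example, not the project's code. Reproduces Solidity <0.8 wrapping
arithmetic and contrasts it with a bounds-checked variant.
"""
UINT256_MAX = 2**256 - 1
INT256_MAX = 2**255 - 1
INT256_MIN = -(2**255)
CHAIN_FACTOR = 10**18  # assumed scaling constant; the real value is not on the page


def to_int256_unchecked(x: int) -> int:
    """Solidity int256(uint256): bit reinterpretation, so values >= 2**255 become negative."""
    x &= UINT256_MAX
    return x - 2**256 if x > INT256_MAX else x


def sub_int256_unchecked(a: int, b: int) -> int:
    """Solidity <0.8 int256 subtraction: wraps modulo 2**256 instead of reverting."""
    return to_int256_unchecked((a - b) % 2**256)


def abs_int256_unchecked(x: int) -> int:
    """Assumed abs helper: uint256(x >= 0 ? x : -x). Negation of INT256_MIN wraps back to itself."""
    y = x if x >= 0 else sub_int256_unchecked(0, x)
    return y % 2**256  # uint256() cast of a value that may still be negative


def check_unchecked(ratio: int, chain_ratio: int) -> int:
    """The pattern as written in _updateRatios, with no range or overflow checks."""
    scaled = to_int256_unchecked(chain_ratio // CHAIN_FACTOR)
    return abs_int256_unchecked(sub_int256_unchecked(to_int256_unchecked(ratio), scaled))


class Revert(Exception):
    """Stands in for a Solidity revert with a reason string."""


def check_safe(ratio: int, chain_ratio: int) -> int:
    """Mitigated version: verify both operands fit int256 before casting.

    Once both are in [0, INT256_MAX], their difference lies in [-INT256_MAX, INT256_MAX],
    so the subtraction and the abs() cannot overflow.
    """
    scaled = chain_ratio // CHAIN_FACTOR
    if ratio > INT256_MAX or scaled > INT256_MAX:
        raise Revert("ratio does not fit in int256")
    return abs(ratio - scaled)
```

For in-range inputs both versions agree; for a `_ratio` of `2**255 + 5` the unchecked model silently returns `2**255 - 5` while the checked version reverts.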

kitty-the-kat commented 2 years ago

6

ghoul-sol commented 2 years ago

This is partially a duplicate of #6 but it focuses on a low risk issue so I'll record it as a separate (low risk) issue.