search

code-423n4 / 2021-06-gro-findings

0 stars 1 forks source link

Possible division-by-zero error in `burnAll` of `RebasingGToken` #119

Closed code423n4 closed 3 years ago

code423n4 commented 3 years ago

Handle

shw

Vulnerability details

Impact

At line 103 in the burnAll function of RebasingGToken, applyFactor(burnAmount, factor(), false) is used to calculate the burned amount. However, the result of factor() could return 0 and cause a division-by-zero error in the funtion applyFactor (note that the 3rd parameter is false).

Proof of Concept

Referenced code: RebasingGToken.sol#L103

Recommended Mitigation Steps

Add checks to handle cases where factor() returns 0, similar to those in the totalSupply and balanceOf functions.

kitty-the-kat commented 3 years ago

Factor cannot be 0 once the system has assets, this is an ops issue and is resolved by having gro-protocol being the first investor

ghoul-sol commented 3 years ago

Duplicate of #87 so non-critical.