code-423n4 / 2021-06-tracer-findings


Missing validation on calculateTWAP #130

Open code423n4 opened 3 years ago

code423n4 commented 3 years ago

Handle

a_delamo

Vulnerability details

Impact

On the calculateTWAP method, we should add the following validations to prevent division by zero:

```solidity
if (totalUnderlyingTimeWeight == 0 && totalDerivativeTimeWeight == 0) {
    return TWAP(0, 0);
    //FIXME: Missing validation totalDerivativeTimeWeight > 0
} else if (totalUnderlyingTimeWeight == 0) {
    return TWAP(0, cumulativeDerivative / totalDerivativeTimeWeight);
    //FIXME: Missing validation cumulativeUnderlying > 0
} else if (totalDerivativeTimeWeight == 0) {
    return TWAP(cumulativeUnderlying / totalUnderlyingTimeWeight, 0);
}
```
raymogg commented 3 years ago

We check that totalDerivativeTimeWeight is not zero in the first branch, and due to the ordering of the checks (e.g. check totalUnderlyingTimeWeight first, then totalDerivativeTimeWeight), you shouldn't be able to enter the second branch in the case where totalDerivativeTimeWeight = 0.

The same is true for the third branch since it is an else if check
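The branch-ordering argument above can be checked exhaustively rather than by inspection. The following Python model is an added example, not code from the Tracer repository or from either commenter: it mirrors the three zero-weight branches of the reported snippet, adds an assumed general-case branch (the page does not show what happens when both weights are non-zero), and enumerates every combination of small weights to confirm no division by zero is reachable. A second model with the both-zero branch removed shows that it is that first branch, not an extra validation, that keeps the later quotients safe. All function and parameter names are the example's own.

```python
from itertools import product
from typing import Callable, NamedTuple


class TWAP(NamedTuple):
    underlying: int
    derivative: int


def calculate_twap(cumulative_underlying: int, total_underlying_time_weight: int,
                   cumulative_derivative: int, total_derivative_time_weight: int) -> TWAP:
    """Model of the branch ordering in the reported snippet (integer division,
    as in Solidity). The final general-case branch is an assumption; the issue
    text only shows the three zero-weight branches."""
    if total_underlying_time_weight == 0 and total_derivative_time_weight == 0:
        return TWAP(0, 0)
    elif total_underlying_time_weight == 0:
        # Reachable only when total_derivative_time_weight != 0, because the
        # both-zero case was already handled above.
        return TWAP(0, cumulative_derivative // total_derivative_time_weight)
    elif total_derivative_time_weight == 0:
        # Reachable only when total_underlying_time_weight != 0 (it failed the
        # previous `== 0` test).
        return TWAP(cumulative_underlying // total_underlying_time_weight, 0)
    # Assumed general case: both weights are non-zero here.
    return TWAP(cumulative_underlying // total_underlying_time_weight,
                cumulative_derivative // total_derivative_time_weight)


def calculate_twap_without_both_zero_branch(cumulative_underlying: int,
                                            total_underlying_time_weight: int,
                                            cumulative_derivative: int,
                                            total_derivative_time_weight: int) -> TWAP:
    """Counter-model: same code with the first branch dropped, to show which
    check actually protects the divisions."""
    if total_underlying_time_weight == 0:
        return TWAP(0, cumulative_derivative // total_derivative_time_weight)
    elif total_derivative_time_weight == 0:
        return TWAP(cumulative_underlying // total_underlying_time_weight, 0)
    return TWAP(cumulative_underlying // total_underlying_time_weight,
                cumulative_derivative // total_derivative_time_weight)


def exhaustive_zero_check(fn: Callable[[int, int, int, int], TWAP],
                          max_weight: int = 3, cumulative: int = 10) -> bool:
    """Call fn for every pair of weights in [0, max_weight]. Return True if no
    combination raises ZeroDivisionError, False otherwise."""
    for u_w, d_w in product(range(max_weight + 1), repeat=2):
        try:
            fn(cumulative, u_w, cumulative, d_w)
        except ZeroDivisionError:
            return False
    return True


if __name__ == "__main__":
    print("ordered branches safe:", exhaustive_zero_check(calculate_twap))
    print("without both-zero branch safe:",
          exhaustive_zero_check(calculate_twap_without_both_zero_branch))
```

In Solidity the failure mode would be a revert on division by zero rather than a wrong value, so the question the finding raises is whether such a revert is reachable; the enumeration shows it is not with the branches in the order the snippet uses.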

cemozerr commented 3 years ago

Marking this as invalid as @raymogg's explanation makes sense.