Margin value is not checked to be non-negative in `leveragedNotionalValue`

[code423n4]

Handle

shw

Vulnerability details

Impact

The leveragedNotionalValue function of LibBalance gets the margin value of a position (i.e., the marginValue variable) to calculate the notional value. However, the position's margin value is not checked to be non-negative. Margin with a value less than zero is considered invalid and should be specially handled.

Proof of Concept

Referenced code: LibBalances.sol#L80

Recommended Mitigation Steps

Check whether marginValue is less than zero and handle this case.

[OsmanBran]

Although in a normal state marginValue should not be negative (due to being liquidated prior to this), this function should still handle negative values for marginValue and result in valid calculations. Reverting the function due to negative margin values will cause undesirable side-effects in the system.