Open code423n4 opened 3 years ago
shw
A possible divide-by-zero error could happen in the getSherXPerBlock(uint256, IERC20) function of PoolBase when the totalSupply of lockToken and _lock are both 0.
getSherXPerBlock(uint256, IERC20)
PoolBase
totalSupply
lockToken
_lock
Referenced code: PoolBase.sol#L215
Check if baseData().lockToken.totalSupply().add(_lock) equals to 0 before line 214. If so, then return 0.
baseData().lockToken.totalSupply().add(_lock)
Handle
shw
Vulnerability details
Impact
A possible divide-by-zero error could happen in the
getSherXPerBlock(uint256, IERC20)function ofPoolBasewhen thetotalSupplyoflockTokenand_lockare both 0.Proof of Concept
Referenced code: PoolBase.sol#L215
Recommended Mitigation Steps
Check if
baseData().lockToken.totalSupply().add(_lock)equals to 0 before line 214. If so, then return 0.