code-423n4 / 2022-01-livepeer-findings


PREVENT DIV BY 0 #169

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Handle

defsec

Vulnerability details

Impact

In several locations in the code, precautions are taken not to divide by 0, because this will revert the code. However, in some locations this isn’t done.

Especially in the claim function, div(initialStake - claimedInitialStake) isn’t checked.

That will cause the claim function to revert.

Proof of Concept

  1. Navigate to the following contract,

"https://github.com/livepeer/arbitrum-lpt-bridge/blob/ebf68d11879c2798c5ec0735411b08d0bea4f287/contracts/L2/pool/DelegatorPool.sol#L72"

  2. claimedInitialStake and initialStake can be the same and the subtraction operation will be equal to zero, therefore div by zero will occur.

Tools Used

Review

Recommended Mitigation Steps

Recommend making sure division by 0 won’t occur by checking the variables beforehand and handling this edge case.

yondonfu commented 2 years ago

initialStake and claimedInitialStake cannot be equal due to the require check [1] at the beginning of the function that ensures that initialStake > claimedInitialStake.

[1] https://github.com/livepeer/arbitrum-lpt-bridge/blob/ebf68d11879c2798c5ec0735411b08d0bea4f287/contracts/L2/pool/DelegatorPool.sol#L59

0xleastwood commented 2 years ago

Agree with sponsor, there is a check to ensure claimedInitialStake - initialStake > 0, which means this issue does not exist.