code423n4 commented 2 years ago

Handle

Dravee

Vulnerability details

Impact

++i costs less gas compared to i++ for unsigned integer, as pre-increment is cheaper (about 5 gas per iteration)

Proof of Concept

i++ increments i and returns the initial value of i. Which means:

uint i = 1;  
i++; // == 1 but i == 2

But ++i returns the actual incremented value:

uint i = 1;  
++i; // == 2 and i == 2 too, so no need for a temporary variable

In the first case, the compiler has to create a temporary variable (when used) for returning 1 instead of 2

Instances include:

DAO\Proposals\UpdateMultipleSoulConfigProposal.sol:64:    for (uint256 i = 0; i < params.length; i++) {
DAO\LimboDAO.sol:212:    for (uint256 i = 0; i < sushiLPs.length; i++) {
DAO\LimboDAO.sol:217:    for (uint256 i = 0; i < uniLPs.length; i++) {

Tools Used

VS Code

Recommended Mitigation Steps

Use ++i instead of i++ to increment the value of an uint variable.

ColaM12 commented 2 years ago

Duplicate to #13

CloudEllie commented 2 years ago

Withdrawn by warden Dravee:

I just submitted a Behodler report in OpenLeverage... sorry for that.

Dravee's submission #118, which is similar, still stands.

code-423n4 / 2022-01-openleverage-findings