search

code-423n4 / 2022-01-yield-findings

1 stars 0 forks source link

Use '!= 0' rather than '> 0' for unsigned integers #125

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Handle

IllIllI

Vulnerability details

Impact

Gas is wasted doing a greaterthan operation, rather than a not-equals operation

Proof of Concept

require(amount_ > 0, "No convex token to wrap");

https://github.com/code-423n4/2022-01-yield/blob/e946f40239b33812e54fafc700eb2298df1a2579/contracts/ConvexYieldWrapper.sol#L128

Here are the bytecode differences between what is in the repository, and changing the > to !=:

$diff good bad
4175c4175,4177
< DUP1(0x80)
---
> PUSH1(0x60)
> DUP2(0x81)
> GT(0x11)

This line has the same issue: https://github.com/code-423n4/2022-01-yield/blob/e946f40239b33812e54fafc700eb2298df1a2579/contracts/ConvexYieldWrapper.sol#L142

Tools Used

Hardhat npx @remix-project/remix-lib

Recommended Mitigation Steps

Use != 0 rather than > 0 for unsigned integers

devtooligan commented 2 years ago

dup of https://github.com/code-423n4/2022-01-yield-findings/issues/18

alcueca commented 2 years ago

Taking #57 as main, better