Closed code423n4 closed 2 years ago
overflow is checked further down in mulDiv, false positive
Agree with the sponsor, there is an overflow check on this line: https://github.com/Rari-Capital/solmate/blob/0a121c54b23ccde77bb0dd84a59b71783c126894/src/utils/FixedPointMathLib.sol#L44
Lines of code
https://github.com/code-423n4/2022-02-tribe-turbo/blob/66f27fe51083f49f7935e3fe594ab2380b75dee8/src/TurboSafe.sol#L151-L155
Vulnerability details
The
TurboSafe
'stotalAssets()
function is used byERC4626.previewDeposit()
,ERC4626.previewMint()
,ERC4626.previewWithdraw()
, andERC4626.previewRedeem()
. These preview functions are called directly by the non-preview versions and therefore iftotalAssets()
has the wrong value, all other calculations will be wrong.Impact
totalAssets()
can be made to overflow under extraordinary circumstances, causing the misspricing of assets.Proof of Concept
https://github.com/code-423n4/2022-02-tribe-turbo/blob/66f27fe51083f49f7935e3fe594ab2380b75dee8/src/TurboSafe.sol#L151-L155
totalAssets()
involves a call tomulWadDown
which uses assembly which does not have overflow protectionshttps://github.com/Rari-Capital/solmate/blob/1205a9067ff957ef8b0b003ff9d77c20ef9f2e0b/src/utils/FixedPointMathLib.sol#L14-L16
https://github.com/Rari-Capital/solmate/blob/1205a9067ff957ef8b0b003ff9d77c20ef9f2e0b/src/utils/FixedPointMathLib.sol#L34-L41
https://github.com/Rari-Capital/solmate/blob/1205a9067ff957ef8b0b003ff9d77c20ef9f2e0b/src/mixins/ERC4626.sol#L143-L147
https://github.com/Rari-Capital/solmate/blob/1205a9067ff957ef8b0b003ff9d77c20ef9f2e0b/src/mixins/ERC4626.sol#L74-L79
The video linked to in the
README.md
talks about the fact that a safe can be owned by a DAO with lots of depositors and therefore it's possible for a large amount of assets to be added to the safe. If this happens along with a very large exchange rate thez := mul(x, y)
assembly call can overflow.Tools Used
Code inspection
Recommended Mitigation Steps
Use normal multiplication and division, and provide a way to withdraw funds in the case where
totalAssets()
reverts.