search

code-423n4 / 2022-06-nested-findings

0 stars 1 forks source link

Division by 0 #66

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Lines of code

https://github.com/code-423n4/2022-06-nested/tree/main/contracts/FeeSplitter.sol#L202

Vulnerability details

Division by 0 can lead to accidentally revert, (An example of a similar issue - https://github.com/code-423n4/2021-10-defiprotocol-findings/issues/84)

Code instances:

    https://github.com/code-423n4/2022-06-nested/tree/main/contracts/operators/Beefy/lp/BeefyZapBiswapLPVaultOperator.sol#L286 nominator might be 0
    https://github.com/code-423n4/2022-06-nested/tree/main/contracts/operators/Beefy/lp/BeefyZapUniswapLPVaultOperator.sol#L284 nominator might be 0
    https://github.com/code-423n4/2022-06-nested/tree/main/contracts/FeeSplitter.sol#L279 _totalWeights might be 0
    https://github.com/code-423n4/2022-06-nested/tree/main/contracts/FeeSplitter.sol#L222 _totalShares might be 0
    https://github.com/code-423n4/2022-06-nested/tree/main/contracts/FeeSplitter.sol#L202 _totalWeights might be 0
obatirou commented 2 years ago

Division by 0 (disputed)

Only if totalWeight is zero. But this can’t happen, you have to add shareholders when deploying the FeeSplitter and it checks that weight is not zero :