An overflow/underflow happens when an arithmetic operation reaches the maximum or minimum size of a type. For instance if a number is stored in the uint8 type, it means that the number is stored in a 8 bits unsigned number ranging from 0 to 2^8-1. In computer programming, an integer overflow occurs when an arithmetic operation attempts to create a numeric value that is outside of the range that can be represented with a given number of bits – either larger than the maximum or lower than the minimum representable value.
Proof of Concept
s.withdrawReserveReceived += amount;
Tools Used
Remix IDE
Recommended Mitigation Steps
// import SafeMath.sol and use it to create custom function to apply instead.
//Remediation
s.withdrawReserveReceived = add(s.withdrawReserveReceived, amount);
//from SafeMath
function add(uint256 a, uint256 b) internal constant returns (uint256) {
uint256 c = a + b;
require(c >= a);
return c;
}
Lines of code
https://github.com/code-423n4/2023-01-astaria/blob/1bfc58b42109b839528ab1c21dc9803d663df898/src/WithdrawProxy.sol#L237
Vulnerability details
Impact
Proof of Concept
Tools Used
Recommended Mitigation Steps