search

code-423n4 / 2023-01-astaria-findings

5 stars 2 forks source link

SWC-101 Integer Overflow and Underflow #139

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-01-astaria/blob/1bfc58b42109b839528ab1c21dc9803d663df898/src/WithdrawProxy.sol#L237

Vulnerability details

Impact

An overflow/underflow happens when an arithmetic operation reaches the maximum or minimum size of a type. For instance if a number is stored in the uint8 type, it means that the number is stored in a 8 bits unsigned number ranging from 0 to 2^8-1. In computer programming, an integer overflow occurs when an arithmetic operation attempts to create a numeric value that is outside of the range that can be represented with a given number of bits – either larger than the maximum or lower than the minimum representable value.

Proof of Concept

s.withdrawReserveReceived += amount;

Tools Used

Remix IDE

Recommended Mitigation Steps

// import SafeMath.sol and use it to create custom function to apply instead.
//Remediation
s.withdrawReserveReceived = add(s.withdrawReserveReceived, amount);

//from SafeMath
  function add(uint256 a, uint256 b) internal constant returns (uint256) {
    uint256 c = a + b;
    require(c >= a);
    return c;
  }
c4-judge commented 1 year ago

Picodes marked the issue as unsatisfactory: Invalid