The contract code uses the wrong compiler version and introduces a revert mechanism for overflow errors in arithmetic operations.
This makes it possible to revert getAmountsForLiquidity, DOS deposit and withdraw functions, causing funds to be frozen and contract functions to be unusable.
Mitigation
Related issues are fixed by using uniswap 0.8 branch code.
Wrap arithmetic operations in unchecked blocks to avoid revert.
Test
Test the actual use case given in the issue and it works well.
Lines of code
Vulnerability details
Comments
The contract code uses the wrong compiler version and introduces a revert mechanism for overflow errors in arithmetic operations. This makes it possible to revert getAmountsForLiquidity, DOS deposit and withdraw functions, causing funds to be frozen and contract functions to be unusable.
Mitigation
Related issues are fixed by using uniswap 0.8 branch code. Wrap arithmetic operations in unchecked blocks to avoid revert.
Test
Test the actual use case given in the issue and it works well.
Conclusion
LGTM