c4-submissions commented 10 months ago

Lines of code

https://github.com/code-423n4/2023-10-wildcat/blob/main/src/libraries/MathUtils.sol#L155

Vulnerability details

Impact

Detailed description of the impact of this finding.

Proof of Concept

Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.

Tools Used

Recommended Mitigation Steps

function rayDiv(uint256 a, uint256 b) internal pure returns (uint256 c) { assembly { // equivalent to require(b != 0 && a <= (type(uint256).max - halfB) / RAY) if or(iszero(b), gt(a, div(sub(not(0), div(b, 2)), RAY))) { mstore(0, Panic_ErrorSelector) mstore(Panic_ErrorCodePointer, Panic_Arithmetic) revert(Error_SelectorPointer, Panic_ErrorLength) }

  c := div(add(mul(a, RAY), div(b, 2)), b)
}

}

i think its wrong implementation.

Assessed type

Other

c4-pre-sort commented 10 months ago

minhquanym marked the issue as low quality report

minhquanym commented 10 months ago

Invalid

c4-judge commented 10 months ago

MarioPoneder marked the issue as unsatisfactory: Invalid

code-423n4 / 2023-10-wildcat-findings

wrong implementation of rayDiv. #684