Lines of code
https://github.com/code-423n4/2023-11-panoptic/blob/main/contracts/libraries/Math.sol#L172
Vulnerability details
Impact
The revert operation on casting error might abruptly halt execution, making error handling less informative or graceful.
Proof of Concept
Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.
Tools Used
Recommended Mitigation Steps
Use require statements with custom error messages to provide more context on why the casting failed.
function toUint128(uint256 toDowncast) internal pure returns (uint128 downcastedInt) {
    // Reject values that do not fit in 128 bits.
    require(toDowncast <= type(uint128).max, "Value exceeds uint128 range");
    // Explicit narrowing cast.
    downcastedInt = uint128(toDowncast);
    // Round-trip check: widening the result must give back the input.
    require(uint256(downcastedInt) == toDowncast, "CastingError: downcast failed");
}
In this scenario, the first require checks whether the value is within the range of uint128. The subsequent line performs the downcast. The second require statement verifies that the downcast was successful, and if not, it reverts with the specified error message, indicating that the casting failed. This pattern helps provide context for different failure scenarios in the casting process.
Assessed type
Error
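An added example, not part of the submission and not Panoptic's code, showing the recommended mitigation's revert-string check next to a custom error that returns the rejected value as revert data. The library, error and harness names are hypothetical; it also relies on the fact that once the range check passes, the round-trip comparison cannot fail, so a single check is used.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example. Library, error and harness names are hypothetical.
library DowncastExample {
    // Carries the rejected value, so a trace shows what failed to fit.
    error Uint128Overflow(uint256 value);

    // Revert-string variant: one range check is sufficient, because an
    // explicit uint128(...) cast only drops bits when the value is larger
    // than type(uint128).max.
    function toUint128Require(uint256 toDowncast) internal pure returns (uint128) {
        require(toDowncast <= type(uint128).max, "Value exceeds uint128 range");
        return uint128(toDowncast);
    }

    // Custom-error variant: same check, failure context returned as ABI data.
    function toUint128Custom(uint256 toDowncast) internal pure returns (uint128) {
        if (toDowncast > type(uint128).max) revert Uint128Overflow(toDowncast);
        return uint128(toDowncast);
    }
}

contract DowncastHarness {
    function viaRequire(uint256 x) external pure returns (uint128) {
        return DowncastExample.toUint128Require(x);
    }

    function viaCustom(uint256 x) external pure returns (uint128) {
        return DowncastExample.toUint128Custom(x);
    }

    // Calls viaCustom and, on failure, decodes the custom error so the
    // caller can log or branch on the offending value.
    function probe(uint256 x) external view returns (bool ok, uint256 rejected) {
        try this.viaCustom(x) returns (uint128) {
            return (true, 0);
        } catch (bytes memory data) {
            // Revert data layout: 4-byte selector followed by the uint256 argument.
            if (data.length == 36 && bytes4(data) == DowncastExample.Uint128Overflow.selector) {
                assembly { rejected := mload(add(data, 36)) }
            }
            return (false, rejected);
        }
    }
}
```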