code-423n4 / 2023-11-shellprotocol-findings


Potential Gas and Overflow Issues with Decimal Shift Left in _convertDecimals Function #316

Closed c4-bot-1 closed 8 months ago

c4-bot-1 commented 8 months ago

Lines of code

https://github.com/code-423n4/2023-11-shellprotocol/blob/main/src/adapters/OceanAdapter.sol#L138

Vulnerability details

Impact

The exponentiation operation in the decimal shift left scenario can lead to high gas consumption and potential integer overflow. The gas cost and risk of overflow increase with the value of the exponent, which could make the function expensive or even unusable in extreme cases.

Proof of Concept

The function does not currently enforce a maximum difference between decimalsFrom and decimalsTo, which could result in high gas costs or overflow when the difference is large. Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.

Tools Used

Recommended Mitigation Steps

To mitigate the risk of high gas costs and overflow, add validation checks to ensure the decimal difference is within a safe range.

```solidity
function _convertDecimals(
    uint8 decimalsFrom,
    uint8 decimalsTo,
    uint256 amountToConvert
) internal pure returns (uint256 convertedAmount) {
    // Ensure the decimal difference is within a safe range to prevent high gas costs
    uint256 decimalDifference = decimalsFrom > decimalsTo
        ? uint256(decimalsFrom - decimalsTo)
        : uint256(decimalsTo - decimalsFrom);
    uint256 maxDecimalDifference = 77; // Adjust as needed
    require(decimalDifference <= maxDecimalDifference, 'Decimal difference too high');

    if (decimalsFrom == decimalsTo) {
        convertedAmount = amountToConvert;
    } else if (decimalsFrom < decimalsTo) {
        uint256 shift = 10 ** decimalDifference;
        require(amountToConvert <= type(uint256).max / shift, 'Potential overflow');
        convertedAmount = amountToConvert * shift;
    } else {
        uint256 shift = 10 ** decimalDifference;
        convertedAmount = amountToConvert / shift;
    }
}
```

Assessed type

Math
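The bounds used in the proposed mitigation can be checked off-chain. The following is an added example, not code from the report or from Shell Protocol: a Python model of the snippet's uint8/uint256 arithmetic, in which `convert_decimals`, `max_safe_decimal_difference`, `reverts` and `Revert` are hypothetical names.

```python
from typing import Optional

UINT256_MAX = 2**256 - 1
UINT8_MAX = 2**8 - 1


class Revert(Exception):
    """Models a failed require() in the Solidity snippet."""


def max_safe_decimal_difference() -> int:
    """Largest d for which 10**d still fits in a uint256."""
    d = 0
    while 10 ** (d + 1) <= UINT256_MAX:
        d += 1
    return d


def convert_decimals(decimals_from: int, decimals_to: int, amount: int) -> int:
    """Mirror of the proposed _convertDecimals, with explicit uint range checks."""
    for v in (decimals_from, decimals_to):
        if not 0 <= v <= UINT8_MAX:
            raise ValueError("decimals must fit in uint8")
    if not 0 <= amount <= UINT256_MAX:
        raise ValueError("amount must fit in uint256")

    diff = abs(decimals_from - decimals_to)
    if diff > 77:  # maxDecimalDifference in the snippet
        raise Revert("Decimal difference too high")
    if decimals_from == decimals_to:
        return amount
    shift = 10 ** diff
    if decimals_from < decimals_to:
        # Shift left: guard the multiplication against exceeding uint256
        if amount > UINT256_MAX // shift:
            raise Revert("Potential overflow")
        return amount * shift
    return amount // shift  # shift right truncates, like integer division


def reverts(*args) -> Optional[str]:
    """Return the revert reason for a call, or None if it succeeds."""
    try:
        convert_decimals(*args)
    except Revert as exc:
        return str(exc)
    return None
```

In the model, 77 is the largest exponent for which 10**d fits in 256 bits, and at that exponent the multiplication guard accepts only amounts of 0 or 1.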

c4-pre-sort commented 8 months ago

raymondfam marked the issue as insufficient quality report

c4-pre-sort commented 8 months ago

raymondfam marked the issue as duplicate of #301

c4-judge commented 8 months ago

0xA5DF marked the issue as unsatisfactory: Invalid

c4-judge commented 8 months ago

0xA5DF marked the issue as unsatisfactory: Invalid

c4-judge commented 8 months ago

0xA5DF marked the issue as unsatisfactory: Invalid