search

code-423n4 / 2024-03-phala-network-findings

0 stars 0 forks source link

Coarse_grained function: Error Handling #38

Closed c4-bot-5 closed 3 months ago

c4-bot-5 commented 3 months ago

Lines of code

https://github.com/code-423n4/2024-03-phala-network/blob/a01ffbe992560d8d0f17deadfb9b9a2bed38377e/phala-blockchain/crates/pink/runtime/src/contract.rs#L122

Vulnerability details

Impact

The coarse_grained function does not handle the case where the gas_consumed and gas_consumed values are both zero.

Proof of Concept

This could lead to a scenario where if the coarse_grained function encounters an error condition in the result field but still receives zero gas values (gas_consumed and gas_required), it may mistakenly return a ContractResult object with zero gas values. This oversight can lead to incorrect representations of contract execution outcomes, potentially resulting in unintended consequences or loss of error information

Tools Used

Manual inspection

Recommended Mitigation Steps

To ensure correct handling of error conditions and gas values, the coarse_grained function should be updated to properly handle cases where both gas_consumed and gas_consumed values are zero.

Assessed type

Other

c4-pre-sort commented 3 months ago

141345 marked the issue as insufficient quality report

141345 commented 3 months ago

gas_consumed cannot be zero

c4-judge commented 3 months ago

OpenCoreCH marked the issue as unsatisfactory: Invalid