Open c4-bot-2 opened 4 months ago
ADD-01: Improper return of chainlinkReferencePriceX96
In the original code, the function _getReferenceTokenPriceX96 will return chainlinkReferencePriceX96 as 0 in case token == referenceToken and make subsequent calls to this function recalculate this value:
_getReferenceTokenPriceX96
chainlinkReferencePriceX96
token == referenceToken
function _getReferenceTokenPriceX96(address token, uint256 cachedChainlinkReferencePriceX96) internal view returns (uint256 priceX96, uint256 chainlinkReferencePriceX96) { if (token == referenceToken) { return (Q96, chainlinkReferencePriceX96); } ... chainlinkReferencePriceX96 = cachedChainlinkReferencePriceX96 == 0 ? _getChainlinkPriceX96(referenceToken) : cachedChainlinkReferencePriceX96; }
PR #13 The function now returns cachedChainlinkReferencePriceX96 input if token == referenceToken:
cachedChainlinkReferencePriceX96
function _getReferenceTokenPriceX96(address token, uint256 cachedChainlinkReferencePriceX96) internal view returns (uint256 priceX96, uint256 chainlinkReferencePriceX96) { if (token == referenceToken) { return (Q96, cachedChainlinkReferencePriceX96); } ...
The mitigation resolved the original issue.
LGTM
jhsagd76 marked the issue as satisfactory
Lines of code
Vulnerability details
C4 issue
ADD-01: Improper return of chainlinkReferencePriceX96
Comment
In the original code, the function
_getReferenceTokenPriceX96
will returnchainlinkReferencePriceX96
as 0 in casetoken == referenceToken
and make subsequent calls to this function recalculate this value:Mitigation
PR #13 The function now returns
cachedChainlinkReferencePriceX96
input iftoken == referenceToken
:The mitigation resolved the original issue.
Conclusion
LGTM