hats-finance / Common--Stableswap-0xd4d9a2772202ce33b24901d3fc94e95a84b37430

Apache License 2.0

Insufficient input validation - as a result, event spamming happens which would cause havoc in the front-end application when processing them #37

Open hats-bug-reporter[bot] opened 1 month ago

hats-bug-reporter[bot] commented 1 month ago

Github username: -- Twitter username: -- Submission hash (on-chain): 0x91759b9ad65d849c436b1c9fd9e00d43804bc24da54353d766ecab522855750b Severity: low

Description

Stable pool: when adding liquidity or removing liquidity, the input vector length is checked to see whether it matches the token length. But the amount is not checked. As a result, the function will pass successfully by emitting the event.

These events will be used in the front-end application. If these are spammed, it would cause unexpected havoc when processing them.

For example, add_liquidity:

```rust
#[drink::test]
fn test_for_zero_deposit(mut session: Session) {
    seed_account(&mut session, CHARLIE);
    seed_account(&mut session, DAVE);
    seed_account(&mut session, EVA);

    let initial_reserves = vec![100000 * ONE_DAI, 100000 * ONE_USDT, 100000 * ONE_USDC];
    let initial_supply = initial_reserves
        .iter()
        .map(|amount| amount * 100_000_000_000)
        .collect::<Vec<u128>>();
    let (stable_swap, tokens) = setup_stable_swap_with_tokens_left_amount(
        &mut session,
        vec![18, 6, 6],
        initial_supply.clone(),
        10_000,
        2_500_000,
        200_000_000,
        BOB,
        vec![],
    );

    _ = stable_swap::add_liquidity(
        &mut session,
        stable_swap,
        BOB,
        1,
        initial_reserves.clone(),
        bob(),
    )
    .expect("Should successfully add liquidity");

    // setup max allowance for stable swap contract on both tokens
    transfer_and_increase_allowance(
        &mut session,
        stable_swap,
        tokens.clone(),
        CHARLIE,
        vec![500 * ONE_DAI, 500 * ONE_USDT, 500 * ONE_USDC],
        BOB,
    );

    // zero amount -- it passes.
    _ = stable_swap::add_liquidity(
        &mut session,
        stable_swap,
        CHARLIE,
        0,
        vec![0, 0, 0],
        charlie(),
    )
    .expect("Should successfully add liquidity");

    let bob_balance = psp22_utils::balance_of(&mut session, stable_swap, bob());
    let charlie_balance = psp22_utils::balance_of(&mut session, stable_swap, charlie());

    println!("Bob's balance: {}", bob_balance);
    println!("Charlie's balance: {}", charlie_balance);
}
```
Revised Code File (Optional)

Validate the amount value from the input amount vector.
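The recommendation above, as an added example that is not the project's code: a minimal Rust model of the length-only check beside a hardened variant that also rejects an all-zero amounts vector, with an event log standing in for what a front end would index. `Pool`, `Error` and `AddLiquidityEvent` are hypothetical names, not the contract's own.

```rust
// Added example, not code from the Common Stableswap repository: a minimal
// model of the validation gap in the report. `Pool`, `Error` and the event
// struct are hypothetical stand-ins; only input checks and emitted events
// are modelled, not balances or LP minting.

#[derive(Debug, PartialEq)]
pub enum Error {
    IncorrectAmountsCount,
    ZeroAmounts,
}

#[derive(Debug, Clone, PartialEq)]
pub struct AddLiquidityEvent {
    pub provider: &'static str,
    pub amounts: Vec<u128>,
}

pub struct Pool {
    pub n_tokens: usize,
    pub events: Vec<AddLiquidityEvent>, // stand-in for events a front end would index
}

impl Pool {
    pub fn new(n_tokens: usize) -> Self {
        Pool { n_tokens, events: Vec::new() }
    }

    /// Length-only validation, as the report describes: an all-zero vector
    /// of the right length passes and still emits an event.
    pub fn add_liquidity_length_only(&mut self, provider: &'static str, amounts: Vec<u128>) -> Result<(), Error> {
        if amounts.len() != self.n_tokens {
            return Err(Error::IncorrectAmountsCount);
        }
        self.events.push(AddLiquidityEvent { provider, amounts });
        Ok(())
    }

    /// Hardened variant: also rejects a deposit whose amounts are all zero, so a
    /// no-op call emits nothing. Single-sided deposits (some zero entries) stay allowed.
    pub fn add_liquidity_checked(&mut self, provider: &'static str, amounts: Vec<u128>) -> Result<(), Error> {
        if amounts.len() != self.n_tokens {
            return Err(Error::IncorrectAmountsCount);
        }
        if amounts.iter().all(|&a| a == 0) {
            return Err(Error::ZeroAmounts);
        }
        self.events.push(AddLiquidityEvent { provider, amounts });
        Ok(())
    }
}
```

With the length-only check, `vec![0, 0, 0]` on a three-token pool returns `Ok(())` and leaves one event in the log; the hardened check returns `Err(Error::ZeroAmounts)` and emits nothing.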

JanKuczma commented 1 month ago

Thank you for your submission.

Valid. Low severity level.