kadenzipfel / smart-contract-vulnerabilities

A collection of smart contract vulnerabilities along with prevention methods
https://kadenzipfel.github.io/smart-contract-vulnerabilities/

Division by Zero #70

Closed 0xSandyy closed 2 weeks ago

0xSandyy commented 3 weeks ago

Description

Division by Zero

In Solidity, if the contract attempts to perform division when the denominator is zero, the whole transaction reverts. Thus, the denominator should always be checked before division.

```solidity
function foo(uint num, uint den) public pure returns (uint result) {
    if (den == 0) return 0; // if denominator is 0, return 0 instead of reverting
    result = num / den;
}
```

kadenzipfel commented 3 weeks ago

Imo this should go under DoS with unexpected revert, would be a great addition
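
An added example, not part of the original thread or the repository's code: it shows how a zero denominator turns into a DoS with unexpected revert when the divisor is a state variable that can legitimately reach zero, next to a version that treats zero as an explicit state. The contract `EpochRewards` and all of its function and variable names are hypothetical; access control and per-holder payout accounting are left out to keep the focus on the division.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Constructed example; contract, function and variable names are hypothetical.
contract EpochRewards {
    uint256 public totalShares;    // can legitimately drop to zero
    uint256 public rewardPerShare; // scaled by 1e18
    uint256 public carriedOver;    // reward held back for a later epoch
    uint256 public epoch;

    mapping(address => uint256) public shares;

    function join(uint256 amount) external {
        shares[msg.sender] += amount;
        totalShares += amount;
    }

    function leave(uint256 amount) external {
        shares[msg.sender] -= amount; // checked arithmetic: reverts on underflow
        totalShares -= amount;
    }

    // Before: once every holder has left, totalShares is 0, the division
    // reverts with Panic(0x12) and the epoch counter can never advance.
    function closeEpochUnsafe(uint256 reward) external {
        rewardPerShare += (reward * 1e18) / totalShares;
        epoch += 1;
    }

    // After: the zero case is handled as a state of its own. The reward is
    // carried forward and distributed the next time there are holders, so
    // closing the epoch always succeeds.
    function closeEpoch(uint256 reward) external {
        uint256 pot = carriedOver + reward;
        if (totalShares == 0) {
            carriedOver = pot;
        } else {
            carriedOver = 0;
            rewardPerShare += (pot * 1e18) / totalShares;
        }
        epoch += 1;
    }
}
```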

0xSandyy commented 3 weeks ago

Or how about a separate Solidity Math Issues listing, including all other issues like rounding errors, lack of precision, Solidity truncation, etc.?

kadenzipfel commented 3 weeks ago

I think division by zero best fits under unexpected revert but I think the others could go together on a listing that specifically encompasses effects of integer math

0xSandyy commented 3 weeks ago

Ok, I will work on the PR for unexpected revert first and then will work on Integer math issues. What should I put as the title for integer math issues?

kadenzipfel commented 3 weeks ago

> Ok, I will work on the PR for unexpected revert first and then will work on Integer math issues. What should I put as the title for integer math issues?

I think we could go with "Integer Rounding" or something like that, as I'd say it's probably the root of each of those issues. By the way, I realized we have this vulnerability listed already: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/lack-of-precision.md so it would be best to update that with the new title and different possible outcomes.