Closed github-actions[bot] closed 1 year ago
yixxas
low
quoteDustLimit
An input of 0 is accepted when we call moveQuoteToken() even though we do not want dust amount to be moved.
moveQuoteToken()
In moveQuoteToken(), in the following code snippet,
if (params_.maxAmountToMove != 0 && params_.maxAmountToMove < poolState_.quoteDustLimit) revert DustAmountNotExceeded();
We see that if params.maxAmountToMove == 0, function can still be called due to the && operator.
params.maxAmountToMove == 0
An amount of 0 that can be moved can lead to unexpected outcomes as we are preventing the move of dust amount, and can lead to confusion.
https://github.com/sherlock-audit/2023-01-ajna/blob/main/contracts/src/libraries/external/LenderActions.sol#L204
Manual Review
Consider removing the params_.maxAmountToMove != 0 check and thus allowing only values >= poolState_.quoteDustLimit to be moved.
params_.maxAmountToMove != 0
yixxas
low
Amount of 0 can be moved even though protocol enforces that amount moved must exceed
quoteDustLimit
Summary
An input of 0 is accepted when we call
moveQuoteToken()
even though we do not want dust amount to be moved.Vulnerability Detail
In
moveQuoteToken()
, in the following code snippet,We see that if
params.maxAmountToMove == 0
, function can still be called due to the && operator.Impact
An amount of 0 that can be moved can lead to unexpected outcomes as we are preventing the move of dust amount, and can lead to confusion.
Code Snippet
https://github.com/sherlock-audit/2023-01-ajna/blob/main/contracts/src/libraries/external/LenderActions.sol#L204
Tool used
Manual Review
Recommendation
Consider removing the
params_.maxAmountToMove != 0
check and thus allowing only values >= poolState_.quoteDustLimit to be moved.