XO-sum() function does not check for non-zero values
Summary
The vulnerability in the sum() function, the function's failure to check whether both the self.maker and self.taker variables are
non-zero. This allows an attacker to call the sum() function with an accumulator that has a zero value for either the maker or the taker variable, the sum() function would erroneously return a zero value, despite the accumulator potentially having a non-zero value for the other variable.
Vulnerability Detail
*/
function sum(Accumulator memory self) internal pure returns (Fixed18) {
return self.maker.add(self.taker);
}
}
There is a vulnerability in the sum() function, in the function there is a line that not check to see if the self.maker and self.taker variables are both non-zero means that an attacker could call the sum() function with an accumulator that has a zero value for either the maker or the taker variable.This would cause the sum() function to return a zero value, even though the accumulator may have a non-zero value for the other variable.
Impact
This vulnerability can be exploited:
An attacker could create an accumulator with a zero value for the maker variable.
The attacker could then call the sum() function with the accumulator.
The sum() function would return a zero value, even though the accumulator may have a non-zero value for the taker variable.
The attacker could then use the zero value to manipulate the results of other functions that rely on the sum() function.
adding the check require(self.maker.gt(0) || self.taker.gt(0)); to the sum() function, this can help to ensure that the function only returns a non-zero value if both the self.maker and self.taker variables are non-zero
XDZIBEC
medium
XO-
sum()
function does not check fornon-zero
valuesSummary
sum()
function, the function's failure to check whether both theself.maker
andself.taker
variables arenon-zero.
This allows an attacker to call thesum()
function with anaccumulator
that has a zero value foreither
the maker or the taker variable, thesum()
function would erroneously return azero
value, despite the accumulator potentially having a non-zero value for the other variable.Vulnerability Detail
sum()
function, in the function there is a line that not check to see if theself.maker
andself.taker
variables are bothnon-zero
means that an attacker could call thesum()
function with an accumulator that has a zero value foreither
the maker or the taker variable.This would cause the sum() function to return a zero value, even though theaccumulator
may have anon-zero
value for the other variable.Impact
sum()
function with the accumulator.sum()
function would return a zero value, even though the accumulator may have anon-zero
value for the taker variable.sum()
function.Code Snippet
Tool used
Manual Review
Recommendation
require(self.maker.gt(0) || self.taker.gt(0));
to thesum()
function, this can help to ensure that the function only returns a non-zero value if both theself.maker
andself.taker
variables are non-zero