XO-sum() function does not check for non-zero values
Summary
The vulnerability in the sum() function, the function's failure to check whether both the self.maker and self.taker variables are
non-zero. This allows an attacker to call the sum() function with an accumulator that has a zero value for either the maker or the taker variable, the sum() function would erroneously return a zero value, despite the accumulator potentially having a non-zero value for the other variable.
Vulnerability Detail
*/
function sum(Accumulator memory self) internal pure returns (Fixed18) {
return self.maker.add(self.taker);
}
}
There is a vulnerability in the sum() function, in the function there is a line that not check to see if the self.maker and self.taker variables are both non-zero means that an attacker could call the sum() function with an accumulator that has a zero value for either the maker or the taker variable.This would cause the sum() function to return a zero value, even though the accumulator may have a non-zero value for the other variable.
Impact
This vulnerability can be exploited:
An attacker could create an accumulator with a zero value for the maker variable.
The attacker could then call the sum() function with the accumulator.
The sum() function would return a zero value, even though the accumulator may have a non-zero value for the taker variable.
The attacker could then use the zero value to manipulate the results of other functions that rely on the sum() function.
adding the check require(self.maker.gt(0) || self.taker.gt(0)); to the sum() function, this can help to ensure that the function only returns a non-zero value if both the self.maker and self.taker variables are non-zero
XDZIBEC
medium
XO-
sum()function does not check fornon-zerovaluesSummary
sum()function, the function's failure to check whether both theself.makerandself.takervariables arenon-zero.This allows an attacker to call thesum()function with anaccumulatorthat has a zero value foreitherthe maker or the taker variable, thesum()function would erroneously return azerovalue, despite the accumulator potentially having a non-zero value for the other variable.Vulnerability Detail
sum()function, in the function there is a line that not check to see if theself.makerandself.takervariables are bothnon-zeromeans that an attacker could call thesum()function with an accumulator that has a zero value foreitherthe maker or the taker variable.This would cause the sum() function to return a zero value, even though theaccumulatormay have anon-zerovalue for the other variable.Impact
sum()function with the accumulator.sum()function would return a zero value, even though the accumulator may have anon-zerovalue for the taker variable.sum()function.Code Snippet
Tool used
Manual Review
Recommendation
require(self.maker.gt(0) || self.taker.gt(0));to thesum()function, this can help to ensure that the function only returns a non-zero value if both theself.makerandself.takervariables are non-zero