search

sherlock-audit / 2023-09-perennial-judging

0 stars 0 forks source link

0xVinylDavyl - With uint256 and int256 data types, Integer overflow and underflow occur when the result of an arithmetic operation exceeds the maximum or minimum representable value for a given data type. #20

Closed sherlock-admin closed 11 months ago

sherlock-admin commented 11 months ago

0xVinylDavyl

medium

With uint256 and int256 data types, Integer overflow and underflow occur when the result of an arithmetic operation exceeds the maximum or minimum representable value for a given data type.

Summary

The code contains arithmetic operations involving uint256 and int256 data types, which may lead to integer overflow or underflow vulnerabilities if not carefully handled.

Vulnerability Detail

Integer overflow and underflow occur when the result of an arithmetic operation exceeds the maximum or minimum representable value for a given data type. In Solidity, these vulnerabilities can have severe consequences, including loss of funds or contract failure.

Impact

If integer overflow or underflow occurs, it can lead to incorrect contract behavior, unexpected state changes, or even financial losses for users interacting with the contract. In extreme cases, it can potentially lead to vulnerabilities that malicious actors could exploit.

Code Snippet

https://github.com/sherlock-audit/2023-09-perennial/blob/main/perennial-v2/packages/perennial/contracts/types/Position.sol#L98

 function update(
        Position memory self,
        uint256 currentTimestamp,
        Order memory order,
        RiskParameter memory riskParameter
    ) internal pure {
        // load the computed attributes of the latest position
        Fixed6 latestSkew = virtualSkew(self, riskParameter);
        (order.net, order.efficiency, order.utilization) =
            (Fixed6Lib.from(net(self)), Fixed6Lib.from(efficiency(self)), Fixed6Lib.from(utilization(self)));

        // update the position's attributes
        (self.timestamp, self.maker, self.long, self.short) = (
            currentTimestamp,
            UFixed6Lib.from(Fixed6Lib.from(self.maker).add(order.maker)),
            UFixed6Lib.from(Fixed6Lib.from(self.long).add(order.long)),
            UFixed6Lib.from(Fixed6Lib.from(self.short).add(order.short))
        );

        // update the order's delta attributes with the positions updated attributes
        (order.net, order.skew, order.impact, order.efficiency, order.utilization) = (
            Fixed6Lib.from(net(self)).sub(order.net),
            virtualSkew(self, riskParameter).sub(latestSkew).abs(),
            Fixed6Lib.from(virtualSkew(self, riskParameter).abs()).sub(Fixed6Lib.from(latestSkew.abs())),
            Fixed6Lib.from(efficiency(self)).sub(order.efficiency),
            Fixed6Lib.from(utilization(self)).sub(order.utilization)
        );
    }

Tool used

Manual Review

Recommendation

To prevent integer overflow and underflow vulnerabilities, follow these recommendations:

Use SafeMath Library

Replace standard arithmetic operations with SafeMath library functions, such as SafeMath.add, SafeMath.sub, SafeMath.mul, and SafeMath.div. This library performs checks to ensure that no overflow or underflow occurs during calculations.

import "./SafeMath.sol";

contract MyContract {
    using SafeMath for uint256;

    function safeAdd(uint256 a, uint256 b) internal pure returns (uint256) {
        return a.add(b);
    }

    function safeSub(uint256 a, uint256 b) internal pure returns (uint256) {
        return a.sub(b);
    }

    // Other functions using SafeMath
}

Check for Valid Input

Implement input validation to ensure that input values do not result in arithmetic operations that could lead to overflow or underflow. For example, when dealing with user-supplied values, validate that they are within acceptable ranges.

function safeAddWithValidation(uint256 a, uint256 b) internal pure returns (uint256) {
    require(a <= type(uint256).max - b, "Integer overflow detected");
    return a + b;
}

Use Data Types with Larger Ranges

Consider using data types with larger ranges, such as uint256, to reduce the likelihood of overflow or underflow. Choose data types that match the expected range of values for specific variables.

uint256 totalSupply = 1000000000 * 10**18; // Use uint256 for total supply

By following these recommendations and using SafeMath or similar libraries, you can significantly reduce the risk of integer overflow and underflow vulnerabilities in your Solidity smart contracts.

sherlock-admin commented 11 months ago

4 comment(s) were left on this issue during the judging contest.

panprog commented:

invalid because this is generic advice not applicable to that code

n33k commented:

invalid, ai generated groundless report

darkart commented:

The same as 14 you should read solidity docs if you wanna do bug hunting safemath is included from ^0.8.0

polarzero commented:

Invalid. The contract uses Solidity ^0.8.13, which has built-in integer overflow/underflow checks.