search

sherlock-audit / 2023-10-looksrare-judging

6 stars 6 forks source link

Milad-Sha - Unsafe downcast #144

Closed sherlock-admin closed 1 year ago

sherlock-admin commented 1 year ago

Milad-Sha

medium

Unsafe downcast

Summary

When a type is downcast to a smaller type, the higher order bits are truncated

Vulnerability Detail

When a type is downcast to a smaller type, the higher order bits are truncated, effectively applying a modulo to the original value. Without any other checks, this wrapping will lead to unexpected behavior and bugs.

Solidity does not check if it is safe to cast an integer to a smaller one. Unless some business logic ensures that the downcasting is safe, a library like SafeCast should be used.

Impact

When a type is downcast to a smaller type, the higher order bits are truncated, effectively applying a modulo to the original value. Without any other checks, this wrapping will lead to unexpected behavior and bugs.

Code Snippet

https://github.com/sherlock-audit/2023-10-looksrare/blob/main/contracts-infiltration/contracts/Infiltration.sol?plain=1#L875

                healingAgentIds[currentHealingAgentIdsCount + i] = uint16(agentId);

https://github.com/sherlock-audit/2023-10-looksrare/blob/main/contracts-infiltration/contracts/Infiltration.sol?plain=1#L879

        healingAgentIds[0] = uint16(newHealingAgentIdsCount);

https://github.com/sherlock-audit/2023-10-looksrare/blob/main/contracts-infiltration/contracts/Infiltration.sol?plain=1#L512

        gameInfo.activeAgents = uint16(numberOfAgents);

Tool used

Manual Review

Recommendation

You can use the SafeCast library to prevent Unsafe downcast.

nevillehuang commented 1 year ago

Near impossible for agent ids to be out of bounds/unsafely downcasted