search

sherlock-audit / 2023-12-dodo-gsp-judging

6 stars 5 forks source link

bareli - wrong implementation of correctRState() function #142

Closed sherlock-admin closed 6 months ago

sherlock-admin commented 6 months ago

bareli

medium

wrong implementation of correctRState() function

Summary

We have implemented a wrong implementation of correctRState().As here we can see that it will implement the same code for different _Rstate.

Vulnerability Detail

we should use a or gate for simple implementation.

Impact

Code Snippet

https://github.com/sherlock-audit/2023-12-dodo-gsp/blob/main/dodo-gassaving-pool/contracts/GasSavingPool/impl/GSPVault.sol#L140 function correctRState() public { if (RState == uint32(PMMPricing.RState.BELOW_ONE) && _BASERESERVE<_BASETARGET) { RState = uint32(PMMPricing.RState.ONE); _BASETARGET = _BASERESERVE; _QUOTETARGET = _QUOTERESERVE; } if (RState == uint32(PMMPricing.RState.ABOVE_ONE) && _QUOTERESERVE<_QUOTETARGET) { RState = uint32(PMMPricing.RState.ONE); _BASETARGET = _BASERESERVE; _QUOTETARGET = _QUOTERESERVE; } }

Tool used

Manual Review

Recommendation

if (RState == uint32(PMMPricing.RState.BELOW_ONE) && _BASERESERVE<_BASETARGET)||(RState == uint32(PMMPricing.RState.ABOVE_ONE) && _QUOTERESERVE<_QUOTETARGET) { RState = uint32(PMMPricing.RState.ONE); _BASETARGET = _BASERESERVE; _QUOTETARGET = _QUOTERESERVE; }

nevillehuang commented 6 months ago

Invalid, no impact/issue highlighted