Title: Lack of Overflow and Underflow Protection in Arithmetic Operations in ZivoeVotes.
Low/Info issue submitted by recursiveEth
Summary
The ZivoeVotes:_add and ZivoeVotes:_subtract functions do not include checks for overflow and underflow, which could lead to unexpected behavior or vulnerabilities if the input values exceed the maximum or minimum representable values for uint256.
Vulnerability Detail
The vulnerability arises from performing arithmetic operations without considering the possibility of overflow or underflow.
Impact
Without overflow and underflow protection, the contract may exhibit unexpected behavior or become vulnerable to exploits such as integer overflow attacks.
function _add(uint256 a, uint256 b) internal pure returns (uint256) {
    return a + b;
}
function _subtract(uint256 a, uint256 b) internal pure returns (uint256) {
    return a - b;
}
Tool used
Manual Review
Recommendation
function _safeAdd(uint256 a, uint256 b) internal pure returns (uint256) {
    uint256 c = a + b;
    require(c >= a, "SafeMath: addition overflow");
    return c;
}
function _safeSubtract(uint256 a, uint256 b) internal pure returns (uint256) {
    require(b <= a, "SafeMath: subtraction overflow");
    return a - b;
}
Code Snippet
https://github.com/sherlock-audit/2024-03-zivoe/blob/main/zivoe-core-foundry/src/libraries/ZivoeVotes.sol#L133
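The two guards from the Recommendation, modelled in Python as an added example (not code from the report or from the Zivoe code base). uint256 wrapping is emulated by keeping the low 256 bits; the names wrap, Revert, reverts, guards_match_true_range and BOUNDARY_SAMPLES are assumptions made for this sketch.

```python
# Added example: Python model of the report's guards, not Zivoe code.
UINT256_MAX = 2**256 - 1  # largest value a Solidity uint256 can hold


class Revert(Exception):
    """Stands in for a failed Solidity require()."""


def wrap(x):
    # Emulate wrapping uint256 arithmetic: keep the low 256 bits.
    return x & UINT256_MAX


def safe_add(a, b):
    c = wrap(a + b)
    # A wrapped sum is always smaller than either operand.
    if not c >= a:
        raise Revert("SafeMath: addition overflow")
    return c


def safe_subtract(a, b):
    if not b <= a:
        raise Revert("SafeMath: subtraction overflow")
    return wrap(a - b)


def reverts(fn, a, b):
    try:
        fn(a, b)
    except Revert:
        return True
    return False


def guards_match_true_range(samples):
    # For every pair, the guard must fire exactly when the exact
    # integer result falls outside [0, UINT256_MAX].
    for a in samples:
        for b in samples:
            if reverts(safe_add, a, b) != (a + b > UINT256_MAX):
                return False
            if reverts(safe_subtract, a, b) != (a - b < 0):
                return False
    return True


# Constructed boundary values for the check.
BOUNDARY_SAMPLES = [0, 1, 2, 2**255 - 1, 2**255, UINT256_MAX - 1, UINT256_MAX]
```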