let mut quote_amount = from_amount;
if woopool_from.token_mint != woopool_from.quote_token_mint {
    let state_from =
        get_price::get_state_impl(wooracle_from, price_update_from, quote_price_update)?;
    let (_quote_amount, new_base_price) = swap_math::calc_quote_amount_sell_base(
        from_amount,
        woopool_from,
        &decimals_from,
        &state_from,
    )?;
Not Valid for this one.
Ln101-105 checked user's wallet is sufficient for from amount.
Ln154-159 checked quote amount can cover swap fee.
Ln182-185 checked to amount is sufficient.
0xeix
Medium
from_amount is not validated properly
Summary
from_amount supplied by the user is not validated properly according to the docs.
Vulnerability Detail
In the current implementation, from_amount is supplied by a user:
https://github.com/sherlock-audit/2024-08-woofi-solana-deployment/blob/main/WOOFi_Solana/programs/woofi/src/instructions/swap.rs#L96
However, it's not validated somehow when selling base to the quote token:
https://github.com/sherlock-audit/2024-08-woofi-solana-deployment/blob/main/WOOFi_Solana/programs/woofi/src/instructions/swap.rs#L134-144
However, before calculating the amounts, it should check whether base amount < balance of the base token - base token reserve as it's done in the EVM contracts implementation:
and in the specification:
Impact
Insufficient validation of the from_amount can lead to an incorrect amount being sent.
Code Snippet
Provided above.
Tool used
Manual Review
Recommendation
Add the checks to validate from_amount.
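
The check this report asks for, sketched as an added example that is not code from the WOOFi program or from the report: it enforces base amount < balance of the base token - base token reserve, with the strict comparison exactly as the report writes it. `PoolSnapshot`, its fields, `SwapCheckError` and `validate_from_amount` are hypothetical names, and the values in `main` are constructed.

```rust
// Added example: hypothetical types, not taken from the WOOFi program.
#[derive(Debug, PartialEq)]
pub enum SwapCheckError {
    /// The recorded reserve is larger than the tokens actually held.
    ReserveExceedsBalance,
    /// from_amount is not strictly below balance - reserve.
    AmountNotBelowUnreserved { available: u128, requested: u128 },
}

/// Constructed stand-in for the two pool values the check needs.
pub struct PoolSnapshot {
    pub token_balance: u128, // base tokens held by the pool (assumed field)
    pub reserve: u128,       // base token reserve tracked by the pool (assumed field)
}

/// Enforces `from_amount < token_balance - reserve` before any pricing math runs.
/// Returns the headroom left after the swap so callers can log or assert on it.
pub fn validate_from_amount(
    pool: &PoolSnapshot,
    from_amount: u128,
) -> Result<u128, SwapCheckError> {
    // checked_sub: a reserve above the balance must surface as an error,
    // never as a wrapped-around "available" value.
    let available = pool
        .token_balance
        .checked_sub(pool.reserve)
        .ok_or(SwapCheckError::ReserveExceedsBalance)?;
    if from_amount >= available {
        return Err(SwapCheckError::AmountNotBelowUnreserved {
            available,
            requested: from_amount,
        });
    }
    Ok(available - from_amount)
}

fn main() {
    // Constructed sample pool: 1_000 tokens held, 900 of them accounted as reserve.
    let pool = PoolSnapshot { token_balance: 1_000, reserve: 900 };
    for amount in [50u128, 100, 250] {
        println!("{amount}: {:?}", validate_from_amount(&pool, amount));
    }
}
```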