wrong implemented of amount in deposit and withdraw as we are using u128 to define the amount but when we are calling the transfer_from_owner_to_vault function we are using u64. if amount is greater than u64.max then then we will be getting wrong amount.
Vulnerability Detail
@>>pub fn deposit(ctx: Context, amount: u128) -> Result<()> {
let token_owner_account = &ctx.accounts.token_owner_account;
let token_vault = &ctx.accounts.token_vault;
require!(
token_owner_account.amount as u128 >= amount,
ErrorCode::NotEnoughBalance
);
Scrawny Cobalt Goldfish
Medium
amount can be overflowed in deposit and withdraw.
Summary
wrong implemented of amount in deposit and withdraw as we are using u128 to define the amount but when we are calling the transfer_from_owner_to_vault function we are using u64. if amount is greater than u64.max then then we will be getting wrong amount.
Vulnerability Detail
@>>pub fn deposit(ctx: Context, amount: u128) -> Result<()> {
let token_owner_account = &ctx.accounts.token_owner_account;
let token_vault = &ctx.accounts.token_vault;
@>> transfer_from_owner_to_vault( &ctx.accounts.authority, token_owner_account, token_vault, &ctx.accounts.token_program, @>> amount as u64, )?;
}
@>>pub fn withdraw(ctx: Context, amount: u128) -> Result<()> {
let token_owner_account = &ctx.accounts.token_owner_account;
let rebate_manager = &mut ctx.accounts.rebate_manager;
let token_vault = &ctx.accounts.token_vault;
@>> transfer_from_vault_to_owner( rebate_manager, token_vault, token_owner_account, &ctx.accounts.token_program, @>> amount as u64, )?;
}
Impact
amount can be overflowed in deposit and withdraw.
Code Snippet
https://github.com/sherlock-audit/2024-08-woofi-solana-deployment/blob/main/WOOFi_Solana/programs/rebate_manager/src/instructions/admin/deposit_withdraw.rs#L56
Tool used
Manual Review
Recommendation
use u128 for all the places.