search

sherlock-audit / 2024-08-woofi-solana-deployment-judging

2 stars 2 forks source link

dod4ufn - Lack of range checks in update_range_min and update_range_max functions can lead to wrong calculations #90

Open sherlock-admin2 opened 1 month ago

sherlock-admin2 commented 1 month ago

dod4ufn

Medium

Lack of range checks in update_range_min and update_range_max functions can lead to wrong calculations

Summary

The update_range_min and update_range_max functions in the Wooracle contract allow setting range_min and range_max values without verifying their logical relationship. Specifically, there is no check to ensure that range_min is less than or equal to range_max and vice versa.

Vulnerability Detail

In the current implementation, the update_range_min and update_range_max functions directly update the range_min and range_max values in the Wooracle state without checking if range_min is less than or equal to range_max and the opposite as well.

Impact

If range_min is set to a value greater than range_max or range_max is set to a value less than range_min, the oracle can operate with invalid ranges, which can lead to mispricing issues and unexpected behavior of the protocol.

Code Snippet

update range functions

Tool used

Manual Review

Recommendation

Modify the update_range_min and update_range_max functions to include validation checks that ensure the following:

pub fn update_range_min(&mut self, range_min: u128) -> Result<()> {
++ require!(range_min <= self.range_max, ErrorCode::InvalidRangeConfiguration);
self.range_min = range_min;
Ok(())
}

pub fn update_range_max(&mut self, range_max: u128) -> Result<()> {
++ require!(range_max >= self.range_min, ErrorCode::InvalidRangeConfiguration);
self.range_max = range_max;
Ok(())
}
toprince commented 1 month ago

Not valid.

  1. only admin can update range min and max, and not frequent. If updated wrong, will affect all swap.
  2. may update the range one by one, so it may actually have the situration that range max < min.