Inclusive conditions #62
Labels
1 (Low Risk)
Assets are not at risk. State handling, function incorrect as to spec, issues with comments
bug
Warden finding
sponsor disputed
Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue
Comments
code423n4
added
1 (Low Risk)
sarangparikh22
added
the
sponsor disputed
|
Haha! Robert lol, however, the above checks doesn't break anything, the incentive is protected by the time check below it. It is non-critical issues. |
|
Let's be considerate of Robert's plight, and keep it as Low Risk knowing what happened. |
|
@alcueca haha, agreed! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Handle
pauliax
Vulnerability details
Impact
I think the conditions should be inclusive '<=' here:
require(position.liquidity < MAX_TICK_LIQUIDITY, "MAX_TICK_LIQUIDITY");
require(incentive.endTime + 5 weeks < incentive.expiry, "END_PAST_BUFFER");
and here the check should not be inclusive as the incentive ids start from 0 and thus incentiveCount is always bigger by 1:
require(incentiveId <= incentiveCount[pool], "NOT_INCENTIVE");
Recommended Mitigation Steps
Review and update these conditions and be careful with such boundary checks (Robert Leshner cries in the corner).
The text was updated successfully, but these errors were encountered: