Use SafeMath to prevent the underflow in handleStratOrderAtID function (#197)
Labels
bug: Something isn't working
disagree with severity: Sponsor confirms validity, but disagrees with warden's risk assessment (sponsor explains in comments)
duplicate: This issue or pull request already exists
QA (Quality Assurance): Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
sponsor confirmed: Sponsor agrees this is a problem and intends to fix it (OK to use with "disagree with severity")
Lines of code
https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/rubiconPools/BathPair.sol#L226-L227
Vulnerability details
Impact
Subtractions in the handleStratOrderAtID function in BathPair.sol potentially cause underflow, which causes unexpected behaviors.
Proof of Concept
Although SafeMath is used throughout the codebase, only the following code does not follow this pattern:
https://github.com/code-423n4/2022-05-rubicon/blob/8c312a63a91193c6a192a9aab44ff980fbfd7741/contracts/rubiconPools/BathPair.sol#L226-L227
Tools Used
Static code analysis
Recommended Mitigation Steps
This part should also use SafeMath to prevent the underflow.
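Added example (not code from the report or from the Rubicon codebase): a hypothetical contract showing the difference between a raw uint256 subtraction and a SafeMath-style checked subtraction on a pre-0.8.0 compiler, which is the situation the report describes. The contract name, the function names, the pragma version and the inlined SafeMathSub library are all assumptions; the library is a trimmed stand-in for the sub function of OpenZeppelin's SafeMath. Note for practitioners: from Solidity 0.8.0 onward the compiler inserts the same revert-on-underflow check by default, so the unchecked/checked distinction below only matters for older pragmas such as the one assumed here.

```solidity
// SPDX-License-Identifier: MIT
// Assumption: a pre-0.8.0 compiler, where uint256 arithmetic silently wraps.
pragma solidity 0.7.6;

// Assumption: minimal stand-in for OpenZeppelin SafeMath.sub (not the project's library).
library SafeMathSub {
    function sub(uint256 a, uint256 b) internal pure returns (uint256) {
        require(b <= a, "SafeMath: subtraction overflow");
        return a - b;
    }
}

// Hypothetical contract (not BathPair) isolating the pattern the report points at:
// a delta computed as (stored amount) - (current amount) with no check that
// the stored amount is the larger one.
contract UnderflowDemo {
    using SafeMathSub for uint256;

    // Unchecked subtraction: if current > previous the result wraps around to
    // a value near 2**256 instead of reverting, and any later logic that treats
    // the delta as a small quantity (fees, rebalancing, accounting) is fed garbage.
    function deltaUnchecked(uint256 previous, uint256 current) public pure returns (uint256) {
        return previous - current;
    }

    // Checked subtraction: the same expression routed through SafeMath reverts
    // when previous < current, so the transaction fails instead of mis-accounting.
    function deltaChecked(uint256 previous, uint256 current) public pure returns (uint256) {
        return previous.sub(current);
    }

    // Demonstrates the wrap: deltaUnchecked(1, 2) equals type(uint256).max,
    // i.e. 2**256 - 1, rather than reverting.
    function wrapsToMax() external pure returns (bool) {
        return deltaUnchecked(1, 2) == type(uint256).max;
    }
}
```

To confirm the behaviour, deploy UnderflowDemo under the 0.7.6 pragma and call wrapsToMax(), which returns true, then call deltaChecked(1, 2), which reverts with "SafeMath: subtraction overflow". Recompiling the same contract under a 0.8.x pragma (after dropping the SafeMathSub usage) makes deltaUnchecked(1, 2) revert as well, which is why the remediation choice is either SafeMath on the existing compiler or an upgrade to checked arithmetic.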