Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
code423n4Code4renaCODE423N4:2023-08-POOLTOGETHER-FINDINGS-ISSUES-132
HistoryAug 07, 2023 - 12:00 a.m.

integer underflow vulnerability in the _fractionalReward() function

2023-08-0700:00:00
Code4rena
github.com
4
vulnerability
impact
code
mitigation
underflow
proof of concept
JSON

Lines of code

Vulnerability details

Impact

It could cause an integer underflow when calculating the reward fraction, resulting in the attacker getting more rewards than intended. True or false, explain in details, show relevant code and explain proof of co

Proof of Concept

The RewardLib.fractionalReward() takes _elapsedSeconds as one of its parameters. If an attacker provides a very large _elapsedSeconds value near UINT64_MAX, when it is subtracted from _auctionDurationSeconds, it could underflow and become a very small number.

Tools Used

Manual

Recommended Mitigation Steps

add a check to ensure _elapsedSeconds is less than _auctionDurationSeconds before calling RewardLib.fractionalReward():

Assessed type

Under/Overflow

The text was updated successfully, but these errors were encountered:

All reactions

JSON