15,000 USDC
Submission Details
Severity: medium
Valid

staleCheckLatestRoundData function doesn't implement proper staleness check

Summary

The staleCheckLatestRoundData function does not implement a complete staleness check: there is no check that the returned price is greater than 0.

Vulnerability Details

In OracleLib.sol, the staleCheckLatestRoundData() function fetches the asset price from a Chainlink aggregator using the latestRoundData function. This library is used to check the Chainlink oracle for stale data. It checks that the returned data is not older than 3 hours, but it lacks the additional validation that the returned price is greater than 0.

Impact

Stale prices could put funds at risk.

Tools Used

Recommendations

Modify the staleCheckLatestRoundData function to add a check for answer > 0 as shown below:

```solidity
function staleCheckLatestRoundData(AggregatorV3Interface priceFeed)
    public
    view
    returns (uint80, int256, uint256, uint256, uint80)
{
    (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound) =
        priceFeed.latestRoundData();
    // Existing check: reject data not updated within TIMEOUT (3 hours)
    uint256 secondsSince = block.timestamp - updatedAt;
    if (secondsSince > TIMEOUT) revert OracleLib__StalePrice();
    // Added: reject a zero or negative answer
    require(answer > 0, "Chainlink price <= 0");
    // Added: reject a round that has not been answered yet
    require(answeredInRound >= roundId, "Stale price");
    return (roundId, answer, startedAt, updatedAt, answeredInRound);
}
```
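As an added example (not the page's or the project's own code), a Foundry test that drives the recommended check with a constructed mock feed, showing that a zero answer and a 4-hour-old update are both rejected while a fresh positive answer passes. It assumes forge-std is installed, declares a minimal AggregatorV3Interface inline instead of importing Chainlink's, makes the library function internal so no linking is needed, and sets TIMEOUT to the 3 hours the report mentions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;
import {Test} from "forge-std/Test.sol";
// Minimal subset of Chainlink's AggregatorV3Interface, declared inline so the file is self-contained.
interface AggregatorV3Interface {
    function latestRoundData() external view returns (uint80, int256, uint256, uint256, uint80);
}
library OracleLib {
    error OracleLib__StalePrice();
    uint256 private constant TIMEOUT = 3 hours;
    // Same logic as the recommended fix; internal (rather than public) so Foundry needs no library linking.
    function staleCheckLatestRoundData(AggregatorV3Interface priceFeed)
        internal view returns (uint80, int256, uint256, uint256, uint80)
    {
        (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound) =
            priceFeed.latestRoundData();
        if (block.timestamp - updatedAt > TIMEOUT) revert OracleLib__StalePrice();
        require(answer > 0, "Chainlink price <= 0");        // the check the report asks for
        require(answeredInRound >= roundId, "Stale price"); // round must already be answered
        return (roundId, answer, startedAt, updatedAt, answeredInRound);
    }
}
// Constructed mock feed: each test chooses what latestRoundData() returns.
contract MockFeed is AggregatorV3Interface {
    uint80 r; int256 a; uint256 u; uint80 air;
    function set(uint80 r_, int256 a_, uint256 u_, uint80 air_) external { (r, a, u, air) = (r_, a_, u_, air_); }
    function latestRoundData() external view returns (uint80, int256, uint256, uint256, uint80) { return (r, a, u, u, air); }
}
contract OracleLibTest is Test {
    MockFeed feed = new MockFeed();
    function setUp() public { vm.warp(10 days); } // leave room to subtract hours from block.timestamp
    // External entry point so vm.expectRevert can observe the library's revert.
    function price() external view returns (int256 p) { (, p,,,) = OracleLib.staleCheckLatestRoundData(feed); }
    function testRejectsNonPositiveAnswer() public {
        feed.set(5, 0, block.timestamp, 5);                 // fresh round, but answer == 0
        vm.expectRevert(bytes("Chainlink price <= 0"));
        this.price();
    }
    function testRejectsStaleUpdate() public {
        feed.set(5, 2000e8, block.timestamp - 4 hours, 5);  // older than TIMEOUT
        vm.expectRevert(OracleLib.OracleLib__StalePrice.selector);
        this.price();
    }
    function testAcceptsFreshPositiveAnswer() public {
        feed.set(5, 2000e8, block.timestamp, 5);
        assertEq(this.price(), int256(2000e8));
    }
}
```

Run with `forge test --match-contract OracleLibTest`; the same harness can be pointed at the project's real OracleLib once the check is added.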
