Sparkn

CodeFox Inc.
DeFiFoundryProxy
15,000 USDC
Submission Details
Severity: medium

Potential Integer Overflow

Description:

In the constructor of the ProxyFactory contract, the unchecked keyword is used in a loop to increment the loop variable. This could potentially lead to an integer overflow scenario if the _whitelistedTokens array is close to its maximum length.

Impact:

If the _whitelistedTokens array length is large, using unchecked for the loop increment might cause unexpected behavior due to integer overflow, leading to unintended loop termination.

Proof of Concept:

  • Deploy the ProxyFactory contract.

  • Create an extremely large _whitelistedTokens array or replicate the scenario in a test contract.

  • Execute the loop in the constructor using the unchecked keyword.

The loop behaves unexpectedly due to integer overflow.

Recommendation:

Remove the unchecked keyword and use a standard loop structure with proper bounds checking to avoid potential integer overflow issues.
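
The loop shape the report describes and the form the recommendation asks for, side by side, as an added sketch that is not the Sparkn ProxyFactory source and not part of the original submission. The contract name, function names and mapping are assumptions; only the `_whitelistedTokens` parameter and the `unchecked` increment come from the report.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;

// Added illustration, not the Sparkn ProxyFactory source. The contract name,
// function names and mapping are assumptions; only the loop shape follows the report.
contract LoopIncrementSketch {
    mapping(address => bool) public whitelisted;

    constructor(address[] memory _whitelistedTokens) {
        _whitelistUnchecked(_whitelistedTokens);
    }

    // Shape described in the report: the increment is inside `unchecked`, so the
    // compiler emits no overflow check for it. The increment executes only after
    // the `i < len` test has passed for the current iteration.
    function _whitelistUnchecked(address[] memory tokens) internal {
        uint256 len = tokens.length;
        for (uint256 i; i < len; ) {
            whitelisted[tokens[i]] = true;
            unchecked { ++i; }
        }
    }

    // Shape asked for in the recommendation: a standard loop whose increment
    // uses the default checked arithmetic of Solidity 0.8.
    function _whitelistChecked(address[] memory tokens) internal {
        uint256 len = tokens.length;
        for (uint256 i; i < len; ++i) {
            whitelisted[tokens[i]] = true;
        }
    }

    // The two increments in isolation, callable from a test at the boundary
    // value type(uint256).max: unchecked arithmetic wraps modulo 2**256,
    // checked arithmetic reverts with Panic(0x11) on overflow.
    function incUnchecked(uint256 i) external pure returns (uint256) {
        unchecked { return i + 1; }
    }

    function incChecked(uint256 i) external pure returns (uint256) {
        return i + 1;
    }
}
```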
