`MathMasters::mulWad` and `MathMasters::mulWadUp` will revert even when division result is within `uint256` range
Description
MathMasters::mulWad and MathMasters::mulWadUp revert when the multiplication overflows without considering the subsequent division. However, the result of the multiplication and division can be within the uint256 range in this case: $ x \cdot y > \text{type(uint256).max} > \frac{x \cdot y}{WAD} $
Impact
Likelihood: Medium
Occurs whenever : $ x \cdot y > \text{type(uint256).max} > \frac{x \cdot y}{WAD}$ which is equivalent to :
Impact: Medium/Low
If users are unaware of this behavior, the program will revert, leading to unexpected behavior in contracts using this library.
Other libraries, such as
Mathby OpenZeppelin, manage this case, potentially causing confusion for users.
Proof of Concept
Foundry PoC added in MathMasters.t.sol
Recommended Mitigation
Use a well-known and tested library like
Mathby OpenZeppelin.Alternatively, implement a mechanism inspired by existing libraries to handle large numbers when the result can be a valid number after division.
Lead Judging Commences
`mulWadUp` has a bad overflow check
`mulWadUp` has a bad overflow check
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.