First Flight #13: Baba Marta

First Flight #13

Beginner FriendlyFoundryGameFi

100 EXP

View results

Previous Next

Submission Details

Severity: low

Invalid

Risk of underflow in `MartenitsaMarketplace::collectReward()`

topstar

Summary

Function collectReward is calculating the rewards for the users eligible for a reward. However and underflow is possible.

Vulnerability Details

uint256 amountRewards = (count / requiredMartenitsaTokens) - _collectedRewards[msg.sender]; is not using any checks preventing overflow/underflow.

Impact

Division: The line uint256 amountRewards = (count / requiredMartenitsaTokens) - _collectedRewards[msg.sender]; performs division to calculate the number of rewards to distribute. However, if count is less than requiredMartenitsaTokens, the result of the division will be zero.

Subtraction: Then, subtracting _collectedRewards[msg.sender] from this result might cause unexpected behavior. If _collectedRewards[msg.sender] is greater than the division result, it could result in a negative value, which is likely not the intended behavior.

To fix this, you should ensure that the division result is at least as large as _collectedRewards[msg.sender] before subtracting.

Tools Used

Manual review

Recommendations

Use openzeppelin safemath or add

function collectReward() external {

require(!martenitsaToken.isProducer(msg.sender), "You are a producer and not eligible for a reward!");

uint256 count = martenitsaToken.getCountMartenitsaTokensOwner(msg.sender);

uint256 amountRewards = (count / requiredMartenitsaTokens);

+ require(amountRewards > _collectedRewards[msg.sender], "No new rewards to collect");

amountRewards -= _collectedRewards[msg.sender];

+ _collectedRewards[msg.sender] += amountRewards;

healthToken.distributeHealthToken(msg.sender, amountRewards);

}

Updates

Lead Judging Commences

bube Lead Judge about 1 year ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Assigned finding tags:

underflow

Rewards breakdown

nSLOC

239

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.