Beanstalk: Dive Into Basin
Beanstalk
DeFiHardhat
12,000 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

Division by Zero in Mathematical Functions

daniel526

Summary

The roundUpDiv and mulDivOrMax functions in the LibMath library perform division operations that could result in a division by zero if the denominator input is zero.

Vulnerability Details

In Solidity, division by zero is a critical issue that can cause transactions to revert. The roundUpDiv function performs a division operation (a - 1) / b + 1 without checking if b is zero. Similarly, mulDivOrMax performs multiple division operations without explicit checks for a zero denominator.

For roundUpDiv:

function roundUpDiv(uint256 a, uint256 b) internal pure returns (uint256) {
if (a == 0) return 0;
return (a - 1) / b + 1;
}

For mulDivOrMax:

// ... within the function
if (prod1 == 0) {
return prod0 / denominator; // Potential division by zero
}
// ...

Impact

If either function is called with a denominator of zero, the transaction will revert, potentially leading to denial of service or other unintended effects in dependent contracts.

Tools Used

Manual

Recommendations

Implement a check to ensure the denominator is not zero before performing the division.

Updates

Lead Judging Commences

giovannidisiena Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
Assigned finding tags:

Informational/Invalid

daniel526 Submitter
about 1 year ago
giovannidisiena Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
Assigned finding tags:

Informational/Invalid

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.