Submission Details
Severity:
Dos if total supply of `unripeToken` is 0
Summary
The getUnderlyingPerUnripeToken will return the amount of underlying per unripe token , However it does not check for division by 0.
Vulnerability Details
The getUnderlyingPerUnripeToken return the amount of underlying token per Unripe token. It is possible that the unripe token total supply is 0. so in this case it will Dos and return unexpected results
function getUnderlyingPerUnripeToken(address unripeToken)
external
view
returns (uint256 underlyingPerToken)
{
underlyingPerToken = s
.u[unripeToken]
.balanceOfUnderlying
.mul(LibUnripe.DECIMALS)
.div(IERC20(unripeToken).totalSupply()); // @audit : div by 0
}
Impact
Dos, the contract does not return expected results.
Tools Used
Manual Review
Recommendations
check if totalSupply of unripeToken is 0 then return balanceOfUnderlying
--- a/protocol/contracts/beanstalk/barn/UnripeFacet.sol
+++ b/protocol/contracts/beanstalk/barn/UnripeFacet.sol
contract UnripeFacet is ReentrancyGuard {
view
returns (uint256 underlyingPerToken)
{
+ if(IERC20(unripeToken).totalSupply() ==0) return s.u[unripeToken].balanceOfUnderlying;
underlyingPerToken = s
Updates
Lead Judging Commences
giovannidisiena over 1 year ago
Submission Judgement Published Reason: Design choice
Assigned finding tags:
Zero unripe supply
Prize pool breakdown
Total prize
35,000 USDC
nSLOC
1,99118 USDC / LOC
30,000 USDC
1,500 USDC
3,500 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.