The ConvertFacet
contract contains a potential integer overflow vulnerability in the _depositTokensForConvert
function.
The overflow happens when an arithmetic operation reaches the maximum size of a type. In the _depositTokensForConvert
function, the grownStalk
variable, which represents the amount of grown stalk retained to issue to the new deposit, is added to the active stalk minted to the user. However, there is no validation or check to ensure that the addition of grownStalk
to the active stalk does not result in an integer overflow.
If the addition of grownStalk
to the active stalk exceeds the maximum representable value for the data type used to store stalk amounts, an integer overflow will occur. This could potentially result in incorrect calculations, unexpected behavior, or even exploitation by attackers.
Manual
Use SafeMath: Implement SafeMath or similar safe arithmetic libraries to perform arithmetic operations on stalk amounts to prevent integer overflow vulnerabilities.
Validate Inputs: Ensure that inputs, such as grownStalk, are properly validated and constrained to prevent values that could lead to integer overflow.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.