There is a risk of integer overflow in the _withdrawTokens function, specifically in the calculation of a.active.stalk. The line

a.active.stalk = a.active.stalk.add(LibSilo.stalkReward(stems[i], germStem.stemTip, depositBDV.toUint128()))

involves an addition operation that may result in an integer overflow if the operands exceed the maximum representable value.
If an integer overflow occurs, it can lead to unexpected behavior or vulnerabilities in the contract. Integer overflows can result in incorrect calculations, potentially allowing attackers to manipulate contract states or cause financial losses. In this case, an overflow in the calculation of a.active.stalk could lead to incorrect issuance of stalk rewards or incorrect accounting of deposited tokens.
Manual
Use SafeMath functions to perform arithmetic operations to prevent integer overflow. Ensure that the addition operation does not result in a value greater than the maximum representable value for the data type.
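The recommended guard on a uint128 accumulator, shown beside the wrapping form it protects against. This is an added example, not code from the submission or from Beanstalk; the library, contract and function names are hypothetical, and it assumes Solidity 0.8, where an `unchecked` block reproduces the wrapping arithmetic of older compilers.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

/// Hypothetical checked-addition library for uint128 (illustration only).
library CheckedAdd128 {
    /// Reverts instead of wrapping when a + b exceeds type(uint128).max.
    function add(uint128 a, uint128 b) internal pure returns (uint128 c) {
        unchecked {
            c = a + b; // wraps modulo 2**128 if the true sum does not fit
        }
        // After a wrap the result is smaller than either operand.
        require(c >= a, "uint128 addition overflow");
    }
}

/// Hypothetical stand-in for an account whose stalk balance is a uint128.
contract StalkAccumulatorDemo {
    using CheckedAdd128 for uint128;

    uint128 public activeStalk; // plays the role of a.active.stalk

    /// Test helper: seed the balance, e.g. with type(uint128).max.
    function setActiveStalk(uint128 value) external {
        activeStalk = value;
    }

    /// Unguarded form: with activeStalk == type(uint128).max and reward == 1
    /// the stored balance silently becomes 0.
    function addRewardWrapping(uint128 reward) external {
        unchecked {
            activeStalk = activeStalk + reward;
        }
    }

    /// Guarded form: the same inputs revert, so the transaction fails
    /// and the stored balance is left unchanged.
    function addRewardChecked(uint128 reward) external {
        activeStalk = activeStalk.add(reward);
    }
}
```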