Sablier

DeFiFoundry
53,440 USDC
Submission Details
Severity: low
Invalid

Unchecked blocks may cause underflow

Summary: Arithmetic operations within unchecked blocks in Solidity bypass the compiler's overflow and underflow checks.

Vulnerability Details: When subtractions are performed without sufficient bounds validation, they may underflow. An underflow in an unsigned integer subtraction might cause the value to wrap around to the maximum, resulting in undesired contract behaviour or potential vulnerabilities.

unchecked {
    vars.cardsWidth =
        vars.amountWidth + vars.durationWidth + vars.progressWidth + vars.statusWidth + CARD_MARGIN * 3;

    vars.progressXPosition = (1000 - vars.cardsWidth) / 2; // <= FOUND
    vars.statusXPosition = vars.progressXPosition + vars.progressWidth + CARD_MARGIN;
    vars.amountXPosition = vars.statusXPosition + vars.statusWidth + CARD_MARGIN;
    vars.durationXPosition = vars.amountXPosition + vars.amountWidth + CARD_MARGIN;
}

Impact: Can produce incorrect computation.

Tools Used: Manual

Recommendations: To avoid such circumstances, developers should either avoid using unchecked blocks for subtraction operations or manually implement checks to guarantee that operands are correct before subtraction.
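The second option in the recommendation, sketched as an added example; it is not part of the submission or of Sablier's code base. It keeps the unchecked block from the snippet but states the bound the subtraction relies on first. The library name, the error, the struct, `CANVAS_WIDTH` (a name for the literal 1000) and the value given to `CARD_MARGIN` are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

// Added example, not Sablier's code. CANVAS_WIDTH names the literal 1000 from
// the snippet; the CARD_MARGIN value and all other names are assumptions.
library GuardedCardLayout {
    uint256 internal constant CANVAS_WIDTH = 1000;
    uint256 internal constant CARD_MARGIN = 16; // assumed value

    error CardsWiderThanCanvas(uint256 cardsWidth);

    struct Positions {
        uint256 progressX;
        uint256 statusX;
        uint256 amountX;
        uint256 durationX;
    }

    function layout(
        uint256 amountWidth,
        uint256 durationWidth,
        uint256 progressWidth,
        uint256 statusWidth
    ) internal pure returns (Positions memory p) {
        // Checked arithmetic: reverts if the sum itself overflows uint256.
        uint256 cardsWidth =
            amountWidth + durationWidth + progressWidth + statusWidth + CARD_MARGIN * 3;

        // Precondition for the subtraction below. Without it, a cardsWidth
        // above 1000 would wrap and the division would yield a value near 2**255.
        if (cardsWidth > CANVAS_WIDTH) revert CardsWiderThanCanvas(cardsWidth);

        // Checks can be skipped here: cardsWidth <= 1000, so every
        // intermediate value below is at most 1000.
        unchecked {
            p.progressX = (CANVAS_WIDTH - cardsWidth) / 2;
            p.statusX = p.progressX + progressWidth + CARD_MARGIN;
            p.amountX = p.statusX + statusWidth + CARD_MARGIN;
            p.durationX = p.amountX + amountWidth + CARD_MARGIN;
        }
    }
}
```

Whether such a guard is needed depends on whether the widths feeding the sum are already bounded by the caller; the page does not show how they are computed.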

Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Lack of quality
