DeFiHardhatFoundry
250,000 USDC
Submission Details
Severity: high
Invalid

Potential Integer Overflow in `powerOfTen` Function

Summary

The powerOfTen function in MetadataImage.sol is susceptible to an integer overflow when handling very large stem values. This could lead to incorrect calculation of the scientific notation for the stem, potentially causing unexpected behavior or errors in the contract.

Vulnerability Details

The powerOfTen function determines the exponent for scientific notation based on the range of the input stem value. However, it does not properly handle cases where the stem value is greater than or equal to 1e28. The function uses an if-else ladder to determine the exponent, and the last condition is:

} else if (stem < 1e28) {
    return stemDecimals(stem, 27);
} else {
    return stemDecimals(stem, 28); // Potential overflow
}

If the stem value is 1e28 or greater, the function will attempt to return stemDecimals(stem, 28). However, the stemDecimals function divides the stem by 10 raised to the power of the exponent. In this case, it would attempt to calculate stem / 10**28, which could result in an integer overflow if the stem value is too large.
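The check a reviewer would run before filing this finding, written here as an added example (it is not code from the submission or from the Beanstalk contracts): a Python model of the if-else ladder and of stemDecimals under uint256 checked-arithmetic semantics (Solidity 0.8+ reverts on overflow). The shape of stemDecimals as stem / 10**exponent, the lower rungs of the ladder, and the exponent 0 case for stems below 10 are assumptions taken from the description above, not from the real source. The model is driven with the largest possible uint256 stem so the reader can see what the division step actually produces at the upper bound.

```python
# Added example; models the ladder and stemDecimals as described in the
# finding. Assumed shapes, not the Beanstalk implementation.
UINT256_MAX = 2**256 - 1


def checked_pow(base: int, exp: int) -> int:
    """Model Solidity >=0.8 checked exponentiation: raise instead of wrapping."""
    result = base**exp
    if result > UINT256_MAX:
        raise OverflowError("exponentiation exceeds uint256")
    return result


def checked_div(a: int, b: int) -> int:
    """Model Solidity integer division: reverts only on division by zero."""
    if b == 0:
        raise ZeroDivisionError("division by zero reverts")
    return a // b


def stem_decimals(stem: int, exponent: int) -> int:
    """Assumed model of stemDecimals: stem / 10**exponent (uint256 semantics)."""
    if not 0 <= stem <= UINT256_MAX:
        raise ValueError("stem is not a valid uint256")
    return checked_div(stem, checked_pow(10, exponent))


def power_of_ten(stem: int) -> tuple[int, int]:
    """Assumed model of the powerOfTen ladder.

    Walks thresholds 1e1 .. 1e28 exactly as the if-else chain does; a stem
    of 1e28 or more falls through to the final `else` and uses exponent 28.
    Returns (exponent, mantissa) so both halves can be inspected.
    """
    exponent = 28  # the final `else` branch of the ladder
    for e in range(1, 29):
        if stem < 10**e:
            exponent = e - 1
            break
    return exponent, stem_decimals(stem, exponent)


def bound_check(stem: int) -> dict:
    """Report what the division step yields for a given stem.

    `fits_uint256` is the property the finding questions; `mantissa_le_stem`
    records that integer division by 10**e (e >= 0) never produces a value
    larger than its dividend.
    """
    exponent, mantissa = power_of_ten(stem)
    return {
        "exponent": exponent,
        "mantissa": mantissa,
        "fits_uint256": mantissa <= UINT256_MAX,
        "mantissa_le_stem": mantissa <= stem,
    }


if __name__ == "__main__":
    # Constructed sample stems: a small value, the two sides of the 1e28
    # boundary, and the uint256 maximum.
    for sample in (12345, 10**28 - 1, 10**28, UINT256_MAX):
        print(sample, bound_check(sample))
```

Running the script walks the ladder for each sample; the last line shows the exponent chosen for the maximum uint256 stem and whether the quotient stays inside the type. Any contract-specific bound on stem (recommendation 1 below) would be a separate `require`-style guard placed before the ladder, which this model does not include.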

Impact

An integer overflow in the powerOfTen function could lead to incorrect calculation of the scientific notation for the stem value. This could have several potential impacts:

  • Incorrect Metadata: The metadata associated with the Beanstalk Silo Deposit NFT could display an incorrect stem value, misleading users about the actual value.

  • Unexpected Behavior: The incorrect stem value could be used in other parts of the contract, potentially leading to unexpected behavior or errors.

  • Loss of Funds: In the worst-case scenario, if the incorrect stem value is used in critical calculations, it could potentially lead to a loss of funds for users.

Tools Used

  • Manual code review

  • Solidity static analysis tools

Recommendations

To mitigate this vulnerability, consider the following recommendations:

  1. Input Validation: Add input validation to the powerOfTen function to ensure that the stem value is within a safe range that will not cause an integer overflow.

  2. Safe Math Libraries: Use a safe math library such as OpenZeppelin's SafeMath for the arithmetic in the powerOfTen and stemDecimals functions. This would automatically check for overflows and underflows, preventing unexpected behavior.

  3. Alternative Calculation: Consider using an alternative method for calculating the scientific notation that is less susceptible to integer overflows. For example, you could use logarithms to determine the exponent.

Updates

Lead Judging Commences

inallhonesty Lead Judge 11 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
