First Flight #18: T-Swap
First Flight #18
Beginner FriendlyDeFiFoundry
100 EXP
View results
Previous Next
Submission Details
Severity: low
Valid

Default value returned by TSwapPool::swapExactInput results in incorrect return value given

chaossr

Summary

The swapExactInput function is supposed to provide the caller with the actual amount of tokens purchased. However, even though it declares the named return value output, it neither assigns a value to it nor includes an explicit return statement.

Vulnerability Details

The swapExactInput function declares a named return value output but never assigns a value to it or uses an explicit return statement. As a result, the function always returns the default value of output, which is 0.

Impact

The return value will always be 0, giving incorrect information to the caller. This can mislead users and other smart contracts interacting with this function, causing potential issues in their operations or decision-making processes based on the returned value.

Tools Used

Manual Code review

Recommendations

Assign the output return value to the calculated outputAmount and ensure the function returns it explicitly.

function swapExactInput(
IERC20 inputToken,
uint256 inputAmount,
IERC20 outputToken,
uint256 minOutputAmount
)
external
returns (uint256 output)
{
uint256 inputReserves = inputToken.balanceOf(address(this));
uint256 outputReserves = outputToken.balanceOf(address(this));
output = getOutputAmountBasedOnInput(inputAmount, inputReserves, outputReserves);
if (output < minOutputAmount) {
revert TSwapPool__OutputTooLow(output, minOutputAmount);
}
_swap(inputToken, inputAmount, outputToken, output);
return output;
}
Updates

Appeal created

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Default value returned by TSwapPool::swapExactInput results in incorrect return value given

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.