Submission Details
Severity:
Default value returned by TSwapPool::swapExactInput results in incorrect return value given
Summary:
The swapExactInput function is expected to return the actual amount of tokens bought by the caller. However, while it declares the named return value output it is never assigned a value, nor uses an explicit return statement.
Vulnerability Details:
Impact:
The return value will always be 0, giving incorrect information to the caller.
Tools Used
Recommendations:
{
uint256 inputReserves = inputToken.balanceOf(address(this));
uint256 outputReserves = outputToken.balanceOf(address(this));
-
uint256 outputAmount = getOutputAmountBasedOnInput(inputAmount, inputReserves, outputReserves);
-
output = getOutputAmountBasedOnInput(inputAmount, inputReserves, outputReserves);
-
if (outputAmount < minOutputAmount) { -
revert TSwapPool__OutputTooLow(outputAmount, minOutputAmount);
-
if (output < minOutputAmount) { -
revert TSwapPool__OutputTooLow(outputAmount, minOutputAmount); }
-
_swap(inputToken, inputAmount, outputToken, outputAmount);
-
_swap(inputToken, inputAmount, outputToken, output);}
Updates
Appeal created
inallhonesty 12 months ago
Submission Judgement Published Assigned finding tags:
Default value returned by TSwapPool::swapExactInput results in incorrect return value given
Rewards breakdown
nSLOC
276This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.