Tadle
Tadle
DeFiFoundry
27,750 USDC
View results
Previous Next
Submission Details
Severity: medium
Invalid

Lack of Sufficient Input Validation in `createOffer` Function

swapnaliss

Vulnerability Details:

The createOffer function within the PreMarkets contract performs limited input validation. While it ensures that params.points and params.amount are non-zero, it does not impose upper limits on these values, potentially permitting extremely large values to be submitted.

Impact:

Permitting excessively large values could trigger unintended behavior, such as overflows in subsequent calculations, excessive gas consumption, or even destabilization of the system’s economic model.

Proof of Concept:

The following demonstrates how this issue might be exploited:
Link to code

function createOffer(CreateOfferParams calldata params) external payable {
if (params.points == 0x0 || params.amount == 0x0) {
revert Errors.AmountIsZero();
}
// Rest of the function...
}
// A malicious user might invoke the function with extreme values:
createOffer({
points: type(uint256).max,
amount: type(uint256).max,
// Other parameters...
});

Tools Used

Recommendations:

  1. Add upper bounds validation for params.points and params.amount:

require(params.points <= MAX_POINTS, "Points exceed maximum limit");
require(params.amount <= MAX_AMOUNT, "Amount exceeds maximum limit");

  1. Conduct reasonability checks based on the intended use of the contract to ensure inputs fall within practical ranges.

  2. Extend validation to other parameters within the CreateOfferParams struct to confirm they are within acceptable limits.

Updates

Lead Judging Commences

0xnevi Lead Judge
about 1 year ago
0xnevi Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.