Dria

Swan
NFT, Hardhat
21,000 USDC
Submission Details
Severity: medium
Invalid

Division by Zero

  • Location: contracts/libraries/Statistics.sol

    function avg(uint256[] memory data) internal pure returns (uint256 ans) {
        uint256 sum = 0;
        for (uint256 i = 0; i < data.length; i++) {
            sum += data[i];
        }
        ans = sum / data.length; // Potential division by zero if data.length is 0
    }

  • Problem: If data.length is 0, the division operation (sum / data.length) will cause a revert due to division by zero. This issue affects all functions (avg, variance, and stddev) that use data.length in division operations without first checking if data.length > 0.

  • Recommendation: Add a check to ensure data.length > 0 before performing any calculations.

  • Tools used: GitHub and VSC

  • PoC:

    uint256[] memory emptyArray = new uint256[](0);
    uint256 result = Statistics.avg(emptyArray); // Should revert due to division by zero

  • Expected Outcome: The transaction will revert, demonstrating that the function fails to handle empty inputs gracefully.

  • Impact: Causes the transaction to revert, potentially affecting any contract relying on the Statistics library to process empty arrays. This can halt operations that are expected to handle edge cases gracefully.
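
The recommended length check, sketched as an added example that is not part of the submission or the project's code. The library name `GuardedStatistics`, the `EmptyData` error, and the bodies of `variance`, `stddev` and `sqrt` are assumptions written for illustration; the page only shows `avg`. In Solidity 0.8 an unguarded `sum / 0` reverts with the generic `Panic(0x12)`, so the guard does not stop the revert but gives callers a named error they can catch and handle.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added example; all names here are hypothetical, not the project's own.
library GuardedStatistics {
    /// Raised instead of the generic Panic(0x12) produced by `sum / 0`.
    error EmptyData();

    function avg(uint256[] memory data) internal pure returns (uint256 ans) {
        if (data.length == 0) revert EmptyData();
        uint256 sum = 0;
        for (uint256 i = 0; i < data.length; i++) {
            sum += data[i];
        }
        ans = sum / data.length;
    }

    /// Population variance, plus the mean it was computed around.
    function variance(uint256[] memory data) internal pure returns (uint256 ans, uint256 mean) {
        mean = avg(data); // reverts with EmptyData() on empty input
        uint256 sum = 0;
        for (uint256 i = 0; i < data.length; i++) {
            // Absolute difference: a plain unsigned subtraction would underflow.
            uint256 diff = data[i] > mean ? data[i] - mean : mean - data[i];
            sum += diff * diff;
        }
        ans = sum / data.length; // length is non-zero, checked in avg()
    }

    function stddev(uint256[] memory data) internal pure returns (uint256 ans, uint256 mean) {
        uint256 v;
        (v, mean) = variance(data);
        ans = sqrt(v);
    }

    /// Integer square root (Babylonian method), rounded down.
    function sqrt(uint256 x) internal pure returns (uint256 y) {
        if (x == 0) return 0;
        if (x <= 3) return 1;
        y = x;
        uint256 z = x / 2 + 1;
        while (z < y) {
            y = z;
            z = (x / z + z) / 2;
        }
    }
}
```

Because `variance` and `stddev` both route through `avg`, the single check covers every division by `data.length` in this sketch.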

Updates

Lead Judging Commences

inallhonesty Lead Judge 12 months ago
Submission Judgement Published
Invalidated
Reason: Known issue
