QuantAMM

49,600 OP
Submission Details
Severity: low
Invalid

Missing Range Check for uint40 _lastInterpolationTimePossible Parameter

https://github.com/Cyfrin/2024-12-quantamm/blob/main/pkg/pool-quantamm/contracts/UpdateWeightRunner.sol

The function setWeightsManually does not validate the uint40 _lastInterpolationTimePossible parameter, allowing values greater than the maximum range for a uint40 (2^40 - 1). This could lead to unexpected behavior, overflows, or incorrect handling of the time-related logic, especially if the value is used in calculations or time-sensitive operations.

Vulnerability Details

Call the setWeightsManually function with an invalid _lastInterpolationTimePossible value greater than 2^40 - 1.

The contract will accept the invalid value without any checks, which could result in overflow or other unexpected behavior.

Expected: The contract should validate that _lastInterpolationTimePossible is within the valid range for uint40 (i.e., between 0 and 2^40 - 1).

Actual: The contract does not perform a range check on _lastInterpolationTimePossible. As a result, values greater than 2^40 - 1 could be passed, potentially causing issues in downstream logic.

Impact

This bug can affect the proper functioning of the contract, especially in time-sensitive logic. Overflow or incorrect behavior could disrupt contract execution and lead to unintended consequences.

Tools Used

Manual Review

Recommendations

Add a validation check for the _lastInterpolationTimePossible parameter to ensure it is within the valid range for uint40. The check can be added as follows:

require(_lastInterpolationTimePossible <= type(uint40).max, "Invalid time value for lastInterpolationTimePossible");

This bug represents a gap in input validation for the uint40 _lastInterpolationTimePossible parameter. Implementing the suggested range check would eliminate the possibility of invalid values and improve the stability and security of the contract.

Updates

Lead Judging Commences

n0kto Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Informational or Gas / Admin is trusted / Pool creation is trusted / User mistake / Suppositions

Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelihood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.
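Whether a value above 2^40 - 1 can reach the body of a function that declares a uint40 parameter can be checked with a small harness. The following is an added example, not part of the submission or of the QuantAMM code base: Uint40Target, setTime and Uint40Probe are hypothetical names, and it assumes Solidity 0.8.x with the default ABI coder v2, which checks while decoding calldata that the bits above bit 39 of a uint40 argument word are zero.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0; // assumption: the page does not state the compiler version

// Hypothetical stand-in, not the QuantAMM contract. Only the parameter type
// (uint40) and its name are taken from the report.
contract Uint40Target {
    uint40 public lastInterpolationTimePossible;

    function setTime(uint40 _lastInterpolationTimePossible) external {
        // No explicit range check here: any validation that happens is done
        // by the compiler-generated calldata decoder before this line runs.
        lastInterpolationTimePossible = _lastInterpolationTimePossible;
    }
}

// Hypothetical probe that bypasses the type system on the caller side.
contract Uint40Probe {
    Uint40Target public target = new Uint40Target();

    // Builds calldata by hand so the 32-byte argument word can carry any
    // uint256, including values a typed call to setTime could not express.
    // Returns whether the callee executed without reverting.
    function probe(uint256 rawWord) public returns (bool accepted) {
        bytes memory data = abi.encodeWithSelector(
            Uint40Target.setTime.selector,
            rawWord
        );
        (accepted, ) = address(target).call(data);
    }

    // Probes the largest in-range value and the first out-of-range value,
    // then reads back what the target actually stored.
    function check()
        external
        returns (bool maxAccepted, bool overMaxAccepted, uint40 stored)
    {
        maxAccepted = probe(uint256(type(uint40).max));
        overMaxAccepted = probe(uint256(type(uint40).max) + 1);
        stored = target.lastInterpolationTimePossible();
    }
}
```

Running check() in a test framework and comparing maxAccepted with overMaxAccepted shows whether the decoder or the function body is the first place an oversized word is stopped.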
