DeFiFoundry
50,000 USDC
Submission Details
Severity: low
Invalid

Unprotected overflow issue in getUserDeposits function

Summary

The getUserDeposits function in the PerpetualVault contract has a potential issue with integer overflow.

Vulnerability Details

Below is a function from the PerpetualVault contract:

    function getUserDeposits(address user) external view returns (uint256[] memory depositIds) {
        uint256 length = EnumerableSet.length(userDeposits[user]);
        depositIds = new uint256[](length);
        for (uint8 i = 0; i < length; ) {
            depositIds[i] = EnumerableSet.at(userDeposits[user], i);
            unchecked {
                i = i + 1;
            }
        }
    }

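The loop variable i is declared as uint8, which can only store values up to 255, and it is incremented inside an unchecked block, so it wraps from 255 back to 0 instead of reverting. If a user has more than 255 deposits, the condition i < length therefore never becomes false, causing problems like infinite loops or incorrect data.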

Impact

If a user has more than 255 deposits, the function will fail, which could disrupt the application.

Tools Used

Manual Review

Recommendations

Change the loop variable type from uint8 to uint256.
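
A Foundry regression test for the behaviour described above, added here as an example and not taken from the submission or the project's code base. DepositListHarness, its function names, the test address, the 5,000,000 gas bound and the forge-std and OpenZeppelin import paths are assumptions; the harness reproduces only the storage and the loop, not the real PerpetualVault.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import {Test} from "forge-std/Test.sol";
import {EnumerableSet} from "@openzeppelin/contracts/utils/structs/EnumerableSet.sol";

// Hypothetical harness: only the storage and the two loop variants, not the real PerpetualVault.
contract DepositListHarness {
    using EnumerableSet for EnumerableSet.UintSet;
    mapping(address => EnumerableSet.UintSet) private userDeposits;
    function addDeposit(address user, uint256 id) external { userDeposits[user].add(id); }

    // Loop as quoted in the submission: uint8 counter, unchecked increment.
    function getUserDepositsU8(address user) external view returns (uint256[] memory ids) {
        uint256 length = userDeposits[user].length();
        ids = new uint256[](length);
        for (uint8 i = 0; i < length; ) {
            ids[i] = userDeposits[user].at(i);
            unchecked { i = i + 1; } // 255 + 1 wraps to 0 without reverting
        }
    }

    // Recommended form: uint256 counter.
    function getUserDepositsU256(address user) external view returns (uint256[] memory ids) {
        uint256 length = userDeposits[user].length();
        ids = new uint256[](length);
        for (uint256 i = 0; i < length; ) {
            ids[i] = userDeposits[user].at(i);
            unchecked { i = i + 1; }
        }
    }
}

contract DepositListTest is Test {
    DepositListHarness h;
    address user = address(0xBEEF); // constructed test address

    function setUp() public {
        h = new DepositListHarness();
        // 256 deposits: the smallest count a uint8 counter cannot finish iterating.
        for (uint256 id = 1; id <= 256; id++) h.addDeposit(user, id);
    }

    function test_uint8CounterNeverTerminatesAt256() public {
        // Bounded gas so the non-terminating loop fails fast instead of consuming the whole test budget.
        (bool ok, ) = address(h).staticcall{gas: 5_000_000}(
            abi.encodeCall(DepositListHarness.getUserDepositsU8, (user)));
        assertFalse(ok); // the uint8 variant runs out of gas
        assertEq(h.getUserDepositsU256(user).length, 256); // the uint256 variant returns every id
    }
}
```

With 255 deposits or fewer both variants return the same array, so the test has to cross the 256 boundary to distinguish them.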

Updates

Lead Judging Commences

n0kto Lead Judge 5 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Informational or Gas

Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelihood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.
