Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

Lack of Input Validation in `buy` Function

princekay

Description

The buy function does not validate the amount parameter, which can lead to unintended behavior and potential vulnerabilities. Specifically:

  1. If amount is zero, the function will still execute, wasting gas and emitting an unnecessary event.

  2. If amount is larger than the maximum allowed, it could cause issues such as gas limit exhaustion or overflow in calculations.

Impact

  1. Gas Waste: Users can call the function with amount = 0, resulting in unnecessary gas consumption and state changes.

  2. Unexpected Behavior: If amount is invalid (e.g., zero or excessively large), the function may behave unpredictably or fail, leading to a poor user experience.

  3. Potential Exploits: Lack of validation could be exploited in combination with other vulnerabilities (e.g., integer overflow).

Affected Code

function buy(uint256 amount) external whenActive {
require(amount <= state.totalRemaining, "Not enough ZENO remaining");
uint256 price = getPrice();
uint256 cost = price * amount;
require(usdc.transferFrom(msg.sender, businessAddress, cost), "Transfer failed");
bidAmounts[msg.sender] += amount;
state.totalRemaining -= amount;
state.lastBidTime = block.timestamp;
state.lastBidder = msg.sender;
zeno.mint(msg.sender, amount);
emit ZENOPurchased(msg.sender, amount, price);
}

Steps to Reproduce

  1. Call the buy function with amount = 0.

  2. Observe that the function executes successfully, wasting gas and emitting an event without any meaningful state change.

Recommendation

Add input validation to ensure amount is within a valid range. Specifically:

  1. Ensure amount is greater than zero.

  2. Optionally, enforce a maximum purchase limit to prevent gas limit issues or overflow.

Here’s the updated code with input validation:

function buy(uint256 amount) external whenActive {
require(amount > 0, "Amount must be greater than zero");
require(amount <= state.totalRemaining, "Not enough ZENO remaining");
uint256 price = getPrice();
uint256 cost = price * amount;
require(cost / price == amount, "Overflow in cost calculation");
require(usdc.transferFrom(msg.sender, businessAddress, cost), "Transfer failed");
bidAmounts[msg.sender] += amount;
state.totalRemaining -= amount;
state.lastBidTime = block.timestamp;
state.lastBidder = msg.sender;
zeno.mint(msg.sender, amount);
emit ZENOPurchased(msg.sender, amount, price);
}
Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.