RustFund

First Flight #36
Beginner Friendly, Rust
Submission Details
Severity: low
Invalid

Unchecked Arithmetic in Fund Amount Tracking

Summary

The RustFund protocol uses unchecked arithmetic when incrementing the `amount_raised` field in the `contribute` function, which could potentially lead to integer overflow and incorrect fund accounting.

Vulnerability Details

In the `contribute` function, when a user contributes SOL to a fund, the protocol updates the total amount raised using unchecked addition:

```rust
pub fn contribute(ctx: Context<FundContribute>, amount: u64) -> Result<()> {
    // (excerpt: the binding of `fund` is not shown here)

    // Transfer SOL from contributor to fund account
    let cpi_context = CpiContext::new(
        ctx.accounts.system_program.to_account_info(),
        system_program::Transfer {
            from: ctx.accounts.contributor.to_account_info(),
            to: fund.to_account_info(),
        },
    );
    system_program::transfer(cpi_context, amount)?;
    fund.amount_raised += amount; // @audit - Unchecked addition
    Ok(())
}
```

Impact

Low

Tools Used

Manual Review

Recommendations

```rust
fund.amount_raised = fund.amount_raised.checked_add(amount)
    .ok_or(ErrorCode::CalculationOverflow)?;
```

Add the above line of code.

Updates

Appeal created

bube Lead Judge 2 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

[Invalid] Arithmetic overflow in `contribute` function

The max value of u64 is 18,446,744,073,709,551,615, or around 18.4 billion SOL. Given that the total supply of SOL on Solana is 512.50M, the scenario when the `contribute` function will revert due to overflow is very, very unlikely to happen. Therefore, this is an informational finding.
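
The following is an added example, not part of the submission, the judgement, or the RustFund code base. It models the `amount_raised` counter in plain Rust to show what the unchecked and checked additions do at the u64 boundary, and how the boundary relates to the lamport figure quoted in the judgement. `Fund`, `FundError` and the function names are hypothetical stand-ins, and the starting balances are constructed.

```rust
// Added illustration: plain Rust, no Anchor or Solana dependencies.
// `Fund`, `FundError` and all function names are hypothetical stand-ins.

/// 1 SOL = 1_000_000_000 lamports; system transfers are denominated in lamports.
const LAMPORTS_PER_SOL: u64 = 1_000_000_000;

#[derive(Debug, PartialEq)]
enum FundError {
    CalculationOverflow,
}

#[derive(Debug)]
struct Fund {
    amount_raised: u64, // lamports
}

/// What `+=` does when overflow checks are disabled: it silently wraps.
/// (With overflow checks enabled, `+=` panics instead.)
fn contribute_wrapping(fund: &mut Fund, amount: u64) {
    fund.amount_raised = fund.amount_raised.wrapping_add(amount);
}

/// The recommended form: overflow becomes an error and the counter is untouched.
fn contribute_checked(fund: &mut Fund, amount: u64) -> Result<(), FundError> {
    fund.amount_raised = fund
        .amount_raised
        .checked_add(amount)
        .ok_or(FundError::CalculationOverflow)?;
    Ok(())
}

/// Largest whole-SOL total that a u64 lamport counter can represent.
fn max_sol_in_u64() -> u64 {
    u64::MAX / LAMPORTS_PER_SOL
}

fn main() {
    // Constructed state: a counter 5 lamports below u64::MAX.
    let mut a = Fund { amount_raised: u64::MAX - 5 };
    contribute_wrapping(&mut a, 10);
    println!("wrapping: amount_raised = {}", a.amount_raised);

    let mut b = Fund { amount_raised: u64::MAX - 5 };
    let res = contribute_checked(&mut b, 10);
    println!("checked:  {:?}, amount_raised = {}", res, b.amount_raised);

    println!("u64 lamport counter tops out at {} SOL", max_sol_in_u64());
}
```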
