Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Overflow in Mode Type #17

Open
code423n4 opened this issue Aug 22, 2021 · 2 comments
Open

Overflow in Mode Type #17

code423n4 opened this issue Aug 22, 2021 · 2 comments
Labels
bug Something isn't working G (Gas Optimization)

Comments

@code423n4
Copy link
Contributor

Handle

leastwood

Vulnerability details

Impact

An invalid input _mode to the function RCFactory.createMarket() will not revert until the event LogMarketCreated2 attempts to cast the input to Mode of type enum. This leads to wasted gas and an overall diminished user experience.

Proof of Concept

https://github.com/code-423n4/2021-08-realitycards/blob/main/contracts/RCFactory.sol#L636-L767

The above link represents the affected function. If input uint32 _mode is set as 3, the corresponding cast to IRCMarket.Mode(_mode) in RCFactory.sol:L725 will cause an overflow error with no relevant revert message to indicate the direct cause of the issue.

Tools Used

Manual code review

Recommended Mitigation Steps

Consider adding a check at the beginning of RCFactory.createMarket() to validate the input uint32 _mode by performing an upper bounds check, i.e. require(_mode <= 2).
@code423n4 code423n4 added 1 (Low Risk) bug Something isn't working labels Aug 22, 2021
code423n4 added a commit that referenced this issue Aug 22, 2021
@code423n4
leastwood issue #17
ddf8825
@Splidge
Copy link
Collaborator

Splidge commented Aug 24, 2021

This is almost the reverse of issue 9 in the last Code423 contest where the checks were required to be removed for gas efficiency.
Given the disputed nature of the changes and the minimal benefit it will have, we will not be changing this right now.
I'll leave it up to the judges to decide if this should be marked as disputed (as it's in conflict with a previous issue) or acknowledged.

@0xean
Copy link
Collaborator

0xean commented Sep 2, 2021

marking as a possible gas optimization rather than a low risk issue

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working G (Gas Optimization)
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@0xean @Splidge @code423n4