From 2d8577bedf6c7891541e449e861b5f88a4c7b5b7 Mon Sep 17 00:00:00 2001 From: zhaogang92 Date: Wed, 27 Apr 2022 18:13:26 +0000 Subject: [PATCH 1/2] Fixed three integer overflows in binary-option --- binary-option/program/src/error.rs | 2 ++ binary-option/program/src/processor.rs | 12 +++++++++--- binary-option/program/src/state.rs | 8 ++++++-- 3 files changed, 17 insertions(+), 5 deletions(-) diff --git a/binary-option/program/src/error.rs b/binary-option/program/src/error.rs index 1a597ea1386..c04e0d8b543 100644 --- a/binary-option/program/src/error.rs +++ b/binary-option/program/src/error.rs @@ -28,6 +28,8 @@ pub enum BinaryOptionError { PublicKeysShouldBeUnique, #[error("TradePricesIncorrect")] TradePricesIncorrect, + #[error("AmountOverflow")] + AmountOverflow, } impl From for ProgramError { diff --git a/binary-option/program/src/processor.rs b/binary-option/program/src/processor.rs index cf91338ded1..fb3a8e90673 100644 --- a/binary-option/program/src/processor.rs +++ b/binary-option/program/src/processor.rs @@ -234,7 +234,10 @@ pub fn process_trade( ]; // Validate data - if buy_price + sell_price != u64::pow(10, binary_option.decimals as u32) { + let total_price = buy_price + .checked_add(sell_price) + .ok_or(BinaryOptionError::TradePricesIncorrect)?; + if total_price != u64::pow(10, binary_option.decimals as u32) { return Err(BinaryOptionError::TradePricesIncorrect.into()); } if binary_option.settled { @@ -411,7 +414,7 @@ pub fn process_trade( seeds, )?; if n > n_b + n_s { - binary_option.increment_supply(n - n_b - n_s); + binary_option.increment_supply(n - n_b - n_s)?; } else { binary_option.decrement_supply(n - n_b - n_s)?; } @@ -707,7 +710,10 @@ pub fn process_collect(program_id: &Pubkey, accounts: &[AccountInfo]) -> Program seeds, )?; if reward > 0 { - let amount = (reward * escrow_account.amount) / binary_option.circulation; + let amount = reward + .checked_mul(escrow_account.amount) + .ok_or(BinaryOptionError::AmountOverflow)?; + let amount = amount / binary_option.circulation; spl_token_transfer_signed( token_program_info, escrow_account_info, diff --git a/binary-option/program/src/state.rs b/binary-option/program/src/state.rs index be46400f843..f06b29a0c7e 100644 --- a/binary-option/program/src/state.rs +++ b/binary-option/program/src/state.rs @@ -28,8 +28,12 @@ impl BinaryOption { Ok(binary_option) } - pub fn increment_supply(&mut self, n: u64) { - self.circulation += n; + pub fn increment_supply(&mut self, n: u64) -> ProgramResult { + self.circulation = self + .circulation + .checked_add(n) + .ok_or(BinaryOptionError::InvalidSupply)?; + Ok(()) } pub fn decrement_supply(&mut self, n: u64) -> ProgramResult { From 34429d27a4c9136776c47c55916a932374ec4ff3 Mon Sep 17 00:00:00 2001 From: zhaogang Date: Thu, 28 Apr 2022 11:52:13 -0500 Subject: [PATCH 2/2] Update binary-option/program/src/state.rs Change error type to AmountOverflow. Co-authored-by: Jon Cinque --- binary-option/program/src/state.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/binary-option/program/src/state.rs b/binary-option/program/src/state.rs index f06b29a0c7e..4f139112475 100644 --- a/binary-option/program/src/state.rs +++ b/binary-option/program/src/state.rs @@ -32,7 +32,7 @@ impl BinaryOption { self.circulation = self .circulation .checked_add(n) - .ok_or(BinaryOptionError::InvalidSupply)?; + .ok_or(BinaryOptionError::AmountOverflow)?; Ok(()) }