[Hacken 2022-11-25 High #1] Denial of Service Vulnerability #30
Milestone
Comments
zlace0x
added a commit
that referenced
this issue
Dec 5, 2022
Merged
zlace0x
added a commit
that referenced
this issue
Dec 12, 2022
* fix: addresses #32, allowance() amount should reflect transferable amounts for transferFrom() and transfer() * fix: comment contradition #43 * wip: added overflow test cases according to #30, identified area of overflow * fix: potential fix for #30 * refactor: adhere to checks-effects-interaction pattern #35 * fix: make allowance() external #45 * fix: dropped virtual from permit, permitRenewable #44 * refactor: added require reason * chore: added gas reports * fix: solidity compiler for deploy script * Chore/natspec (#53) * style: grouped functions * forge install: openzeppelin-contracts * chore: updates to lib * chore: natspec comments for contracts * chore: closes #39 and #40 * chore: removed unused solmate * refactor: moved saturatingAdd to mathUtil * chore: cleanup * Apply suggestions from code review Co-authored-by: zlace0x <81418809+zlace0x@users.noreply.github.com> * fix: resolve some comments * doc: generated docs under doc/ * chore: cleanups on comments * style: use custom errors instead (#56) * style: use custom errors instead * fix: structured files for custom errors * style: change INITIAL values to upper-case * Update src/Funnel.sol Co-authored-by: zlace0x <81418809+zlace0x@users.noreply.github.com> Co-authored-by: Edison <6057323+edison0x@users.noreply.github.com> Co-authored-by: zlace0x <81418809+zlace0x@users.noreply.github.com> * chore: fix comments slashes * fix: apply linter version changes Co-authored-by: Edison <6057323+edison0x@users.noreply.github.com> Co-authored-by: zlace0x <zlace0x@gmail.com> Co-authored-by: zlace0x <81418809+zlace0x@users.noreply.github.com> Co-authored-by: Edison <6057323+edison0xyz@users.noreply.github.com> Co-authored-by: Edison <6057323+edison0x@users.noreply.github.com>
zlace0x
added a commit
that referenced
this issue
Dec 12, 2022
* fix: resolves #48 resolves 45 resolves #44 resolves #41 resolves #38 * fix: closes #34 * fix: zero address validation and make functions external. Closes #42 closes #45 * fixed pragma. closes #36 * fix as 0.8.17 * fix: remove solmate * refactor: PR comments - reorder imports, fix qoutes - removed virtual for _checkOn* functions - added virtual to supportsInterface - fix compiler version to 0.8.17 * fix: addresses #32, allowance() amount should reflect transferable amounts for transferFrom() and transfer() * fix: comment contradition #43 * wip: added overflow test cases according to #30, identified area of overflow * fix: potential fix for #30 * refactor: adhere to checks-effects-interaction pattern #35 * fix: make allowance() external #45 * fix: dropped virtual from permit, permitRenewable #44 * refactor: added require reason * chore: added gas reports * fix: solidity compiler for deploy script * Chore/natspec (#53) * style: grouped functions * forge install: openzeppelin-contracts * chore: updates to lib * chore: natspec comments for contracts * chore: closes #39 and #40 * chore: removed unused solmate * refactor: moved saturatingAdd to mathUtil * chore: cleanup * Apply suggestions from code review Co-authored-by: zlace0x <81418809+zlace0x@users.noreply.github.com> * fix: resolve some comments * doc: generated docs under doc/ * chore: cleanups on comments * style: use custom errors instead (#56) * style: use custom errors instead * fix: structured files for custom errors * style: change INITIAL values to upper-case * Update src/Funnel.sol Co-authored-by: zlace0x <81418809+zlace0x@users.noreply.github.com> Co-authored-by: Edison <6057323+edison0x@users.noreply.github.com> Co-authored-by: zlace0x <81418809+zlace0x@users.noreply.github.com> * chore: fix comments slashes * fix: apply linter version changes Co-authored-by: Edison <6057323+edison0x@users.noreply.github.com> Co-authored-by: zlace0x <zlace0x@gmail.com> Co-authored-by: zlace0x <81418809+zlace0x@users.noreply.github.com> Co-authored-by: Edison <6057323+edison0x@users.noreply.github.com> Co-authored-by: Edison <6057323+edison0xyz@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The internal function
_remainingAllowance()will revert with overflow in situations where theapproveRenewable()orpermitRenewable()functions will be used to approve a max uint256 value with arecoveryRate > 0.The overflow can occur with different edge cases:
The
_remainingAllowance()function is used byallowance()andtransferFrom(). These functions will be unusable after such approval.Path
./src/Funnel.sol: allowance(), _remainingAllowance(), transferFrom()
Recommendation
Rewrite the logic to prevent overflows.
Status
New
The text was updated successfully, but these errors were encountered: