Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

L-1: Add a reset period check to prevent the transaction failing and using all gas #492

Merged
merged 1 commit into from
Sep 9, 2024
Merged

L-1: Add a reset period check to prevent the transaction failing and using all gas #492

merged 1 commit into from
Sep 9, 2024

Conversation

mmv08
Copy link
Member

@mmv08 mmv08 commented Sep 9, 2024
edited
Loading

This PR fixes a low severity audit finding by Ackee:

It is possible to set the resetTimeMin to 0. When the resetBaseMin is bigger
than 0 and the resetTimeMin is 0, then the branch with modulo operation is
triggered and it will cause a division by zero. Since it is also in Solidity version
<0.8.0, it consumes all gas.

@mmv08 mmv08 requested a review from a team as a code owner September 9, 2024 08:46
@mmv08 mmv08 requested review from nlordell, akshay-ap and remedcu and removed request for a team September 9, 2024 08:46
@coveralls
Copy link

Pull Request Test Coverage Report for Build 10769742819

Details

  • 1 of 1 (100.0%) changed or added relevant line in 1 file are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage increased (+0.5%) to 71.053%
Totals Coverage Status
Change from base Build 10631177759: 0.5%
Covered Lines: 100
Relevant Lines: 128
💛 - Coveralls

akshay-ap
akshay-ap approved these changes Sep 9, 2024
View reviewed changes
Copy link
Member

@akshay-ap akshay-ap left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@mmv08 mmv08 merged commit 549ea16 into main Sep 9, 2024
6 checks passed
@mmv08 mmv08 deleted the allowance-module/audit-l1 branch September 9, 2024 09:19
@github-actions github-actions bot locked and limited conversation to collaborators Sep 9, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@akshay-ap akshay-ap akshay-ap approved these changes

@nlordell nlordell nlordell approved these changes

@remedcu remedcu Awaiting requested review from remedcu remedcu is a code owner automatically assigned from safe-global/safe-protocol

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@mmv08 @coveralls @nlordell @akshay-ap