0️⃣Oracle Price Returning 0

Book an audit with Zokyo

Null check in pricePerShare

Vulnerability Overview

The code in the provided GitHub links outlines potential vulnerabilities within the WrappedIbbtcEth.sol and WrappedIbbtc.sol contracts of the BadgerDAO repository. The oracle can return a zero value for the share price, serving as a denominator in certain calculations. This situation can lead to reverts caused by SafeMath, as seen here, initiating a Denial of Service (DoS) condition.

Vulnerability Details

When the oracle returns zero as the share price, it becomes a denominator in subsequent calculations. Using zero as the denominator triggers SafeMath to revert transactions, leading to a Denial of Service (DoS). This event prevents users from interacting with the contract, thus disrupting the normal operation of the protocol.

Recommended Mitigation

To prevent a Denial of Service (DoS) arising from zero-value denominators, it is crucial to implement a null check during every update to ensure that the share price returned by the oracle is always greater than zero. Incorporating this check will validate the price, preventing the introduction of a zero denominator in calculations and safeguarding against potential reverts and service disruptions.

Here’s a simplified code snippet to illustrate this:

solidityCopy code// During the price update process
uint256 updatedPrice = oracle.getPrice();
require(updatedPrice > 0, "Price update error: Share price must be greater than zero");
// Continue with the update process using the validated updatedPrice

Implementing this validation step will fortify the contracts against DoS attacks stemming from zero-value share prices, ensuring uninterrupted service and safeguarding user interactions with the protocol.