Fix srlabs vulnerabilities (#651)

* fix salp srlabs overflow vulnerable * fix salp srlabs overflow vulnerable * fix zenlink implemented issue
bifrost-io · Jul 12, 2022 · 6fc61c1 · 6fc61c1
1 parent 9cbd434
commit 6fc61c1
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 17 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -97,9 +97,9 @@ yamux = { opt-level = 3 }
 zeroize = { opt-level = 3 }
 
 [patch.crates-io]
-zenlink-protocol = { git = "https://github.com/zenlinkpro/Zenlink-DEX-Module", rev = "70e3c01419a805a6d5243223165114b01ee0c538" }
-zenlink-protocol-rpc = { git = "https://github.com/zenlinkpro/Zenlink-DEX-Module", rev = "70e3c01419a805a6d5243223165114b01ee0c538" }
-zenlink-protocol-runtime-api = { git = "https://github.com/zenlinkpro/Zenlink-DEX-Module", rev = "70e3c01419a805a6d5243223165114b01ee0c538" }
+zenlink-protocol = { git = "https://github.com/zenlinkpro/Zenlink-DEX-Module", rev = "c556f791fb0bd47bf4a22927870c6192b821a953" }
+zenlink-protocol-rpc = { git = "https://github.com/zenlinkpro/Zenlink-DEX-Module", rev = "c556f791fb0bd47bf4a22927870c6192b821a953" }
+zenlink-protocol-runtime-api = { git = "https://github.com/zenlinkpro/Zenlink-DEX-Module", rev = "c556f791fb0bd47bf4a22927870c6192b821a953" }
 merkle-distributor = { git = "https://github.com/zenlinkpro/merkle-distributor", rev = "de07582de0ad16fd7f0b096ed7a38fae4ce975d4" }
 orml-traits = { git = "https://github.com/open-web3-stack/open-runtime-module-library", rev = "f709ed62262435b3ad80482d309e3575625d1e5b" }
 orml-currencies = { git = "https://github.com/open-web3-stack/open-runtime-module-library", rev = "f709ed62262435b3ad80482d309e3575625d1e5b" }

diff --git a/pallets/salp/src/lib.rs b/pallets/salp/src/lib.rs
@@ -834,7 +834,8 @@ pub mod pallet {
 
 			ensure!(Self::redeem_pool() >= value, Error::<T>::NotEnoughBalanceInRedeemPool);
 			let cur_block = <frame_system::Pallet<T>>::block_number();
-			ensure!(!Self::is_expired(cur_block, fund.last_slot), Error::<T>::VSBondExpired);
+			let expired = Self::is_expired(cur_block, fund.last_slot)?;
+			ensure!(!expired, Error::<T>::VSBondExpired);
 			T::MultiCurrency::ensure_can_withdraw(vsToken, &who, value)
 				.map_err(|_e| Error::<T>::NotEnoughFreeAssetsToRedeem)?;
 			T::MultiCurrency::ensure_can_withdraw(vsBond, &who, value)
@@ -963,26 +964,35 @@ pub mod pallet {
 			MultisigConfirmAccount::<T>::put(account);
 		}
 		/// Check if the vsBond is `past` the redeemable date
-		pub(crate) fn is_expired(block: BlockNumberFor<T>, last_slot: LeasePeriod) -> bool {
-			let block_begin_redeem = Self::block_end_of_lease_period_index(last_slot);
+		pub(crate) fn is_expired(
+			block: BlockNumberFor<T>,
+			last_slot: LeasePeriod,
+		) -> Result<bool, Error<T>> {
+			let block_begin_redeem = Self::block_end_of_lease_period_index(last_slot)?;
 			let block_end_redeem = block_begin_redeem.saturating_add(T::VSBondValidPeriod::get());
 
-			block >= block_end_redeem
+			Ok(block >= block_end_redeem)
 		}
 
 		/// Check if the vsBond is `in` the redeemable date
 		#[allow(dead_code)]
-		pub(crate) fn can_redeem(block: BlockNumberFor<T>, last_slot: LeasePeriod) -> bool {
-			let block_begin_redeem = Self::block_end_of_lease_period_index(last_slot);
+		pub(crate) fn can_redeem(
+			block: BlockNumberFor<T>,
+			last_slot: LeasePeriod,
+		) -> Result<bool, Error<T>> {
+			let block_begin_redeem = Self::block_end_of_lease_period_index(last_slot)?;
 			let block_end_redeem = block_begin_redeem.saturating_add(T::VSBondValidPeriod::get());
 
-			block >= block_begin_redeem && block < block_end_redeem
+			Ok(block >= block_begin_redeem && block < block_end_redeem)
 		}
 
-		pub(crate) fn block_end_of_lease_period_index(slot: LeasePeriod) -> BlockNumberFor<T> {
-			(slot + 1)
-				.checked_mul(T::LeasePeriod::get())
-				.expect("shouldn't fail when convert Lease to Block")
+		pub(crate) fn block_end_of_lease_period_index(
+			slot: LeasePeriod,
+		) -> Result<BlockNumberFor<T>, Error<T>> {
+			let end_block =
+				(slot + 1).checked_mul(T::LeasePeriod::get()).ok_or(Error::<T>::Overflow)?;
+
+			Ok(end_block)
 		}
 
 		pub fn find_fund(