From b7e1a4bbc511e4295c31a49aaa6ece9bac4bae14 Mon Sep 17 00:00:00 2001
From: herryho
Date: Mon, 11 Jul 2022 12:23:29 +0800
Subject: [PATCH 1/3] fix salp srlabs overflow vulnerable
---
 pallets/salp/src/lib.rs | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/pallets/salp/src/lib.rs b/pallets/salp/src/lib.rs
index f7dfd1d666..0b5e70f958 100644
--- a/pallets/salp/src/lib.rs
+++ b/pallets/salp/src/lib.rs
@@ -980,9 +980,10 @@ pub mod pallet {
 }
 pub(crate) fn block_end_of_lease_period_index(slot: LeasePeriod) -> BlockNumberFor {
- (slot + 1)
- .checked_mul(T::LeasePeriod::get())
- .expect("shouldn't fail when convert Lease to Block")
+ let end_block =
+ (slot + 1).checked_mul(T::LeasePeriod::get()).ok_or(Error::::Overflow)?;
+
+ end_block
 }
 pub fn find_fund(
From 33c8dc741c2315c078485792906779ccbb4eaf43 Mon Sep 17 00:00:00 2001
From: Herry Ho <45537372+herryho@users.noreply.github.com>
Date: Tue, 12 Jul 2022 06:48:20 +0000
Subject: [PATCH 2/3] fix salp srlabs overflow vulnerable
---
 pallets/salp/src/lib.rs | 27 ++++++++++++++++++---------
 1 file changed, 18 insertions(+), 9 deletions(-)
diff --git a/pallets/salp/src/lib.rs b/pallets/salp/src/lib.rs
index 0b5e70f958..5d0ae171bc 100644
--- a/pallets/salp/src/lib.rs
+++ b/pallets/salp/src/lib.rs
@@ -834,7 +834,8 @@ pub mod pallet {
 ensure!(Self::redeem_pool() >= value, Error::::NotEnoughBalanceInRedeemPool);
 let cur_block = >::block_number();
- ensure!(!Self::is_expired(cur_block, fund.last_slot), Error::::VSBondExpired);
+ let expired = Self::is_expired(cur_block, fund.last_slot)?;
+ ensure!(!expired, Error::::VSBondExpired);
 T::MultiCurrency::ensure_can_withdraw(vsToken, &who, value)
 .map_err(|_e| Error::::NotEnoughFreeAssetsToRedeem)?;
 T::MultiCurrency::ensure_can_withdraw(vsBond, &who, value)
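Review bot: In PATCH 1/3's `block_end_of_lease_period_index`, `slot + 1` is still a plain addition, so only the multiplication is overflow-checked; a `slot` at the maximum of its type would wrap or panic (depending on the build's overflow checks) before `checked_mul` runs. The expression is carried unchanged into the PATCH 2/3 version of this function. Assuming `LeasePeriod` is a primitive integer, fold the increment into the checked chain: `slot.checked_add(1).and_then(|s| s.checked_mul(T::LeasePeriod::get())).ok_or(Error::<T>::Overflow)`. Separately, this patch uses `?` while the signature on the context line still returns `BlockNumberFor`, so 1/3 probably does not build on its own until 2/3 changes the return type.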
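Review bot: In the `@@ -834` hunk of PATCH 2/3, the `?` on `Self::is_expired(...)` turns an overflow on `fund.last_slot` into the pallet's `Overflow` error on every call, so a fund stored with such a `last_slot` could never pass this redeem check. If `last_slot` is not already bounded where funds are created (not visible here), validate it there with the same checked computation so the value is rejected before it is stored. The two added lines can also be one: `ensure!(!Self::is_expired(cur_block, fund.last_slot)?, Error::<T>::VSBondExpired);`. The enclosing function starts and ends outside the hunk.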
@@ -963,27 +964,35 @@ pub mod pallet {
 MultisigConfirmAccount::::put(account);
 }
 /// Check if the vsBond is `past` the redeemable date
- pub(crate) fn is_expired(block: BlockNumberFor, last_slot: LeasePeriod) -> bool {
- let block_begin_redeem = Self::block_end_of_lease_period_index(last_slot);
+ pub(crate) fn is_expired(
+ block: BlockNumberFor,
+ last_slot: LeasePeriod,
+ ) -> Result> {
+ let block_begin_redeem = Self::block_end_of_lease_period_index(last_slot)?;
 let block_end_redeem = block_begin_redeem.saturating_add(T::VSBondValidPeriod::get());
- block >= block_end_redeem
+ Ok(block >= block_end_redeem)
 }
 /// Check if the vsBond is `in` the redeemable date
 #[allow(dead_code)]
- pub(crate) fn can_redeem(block: BlockNumberFor, last_slot: LeasePeriod) -> bool {
- let block_begin_redeem = Self::block_end_of_lease_period_index(last_slot);
+ pub(crate) fn can_redeem(
+ block: BlockNumberFor,
+ last_slot: LeasePeriod,
+ ) -> Result> {
+ let block_begin_redeem = Self::block_end_of_lease_period_index(last_slot)?;
 let block_end_redeem = block_begin_redeem.saturating_add(T::VSBondValidPeriod::get());
- block >= block_begin_redeem && block < block_end_redeem
+ Ok(block >= block_begin_redeem && block < block_end_redeem)
 }
- pub(crate) fn block_end_of_lease_period_index(slot: LeasePeriod) -> BlockNumberFor {
+ pub(crate) fn block_end_of_lease_period_index(
+ slot: LeasePeriod,
+ ) -> Result, Error> {
 let end_block =
 (slot + 1).checked_mul(T::LeasePeriod::get()).ok_or(Error::::Overflow)?;
- end_block
+ Ok(end_block)
 }
 pub fn find_fund(
From db43a8b8ad0fcffda6806b036f26ba1e350070f9 Mon Sep 17 00:00:00 2001
From: Herry Ho <45537372+herryho@users.noreply.github.com>
Date: Tue, 12 Jul 2022 07:09:36 +0000
Subject: [PATCH 3/3] fix zenlink implemented issue
---
 Cargo.lock | 6 +++---
 Cargo.toml | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/Cargo.lock b/Cargo.lock
index 005e1ea8cd..2e570f3d52 100644
--- a/Cargo.lock
+++ b/Cargo.lock
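Review bot: The doc comments on `is_expired` and `can_redeem` still read as plain boolean checks and `block_end_of_lease_period_index` has none, so nothing tells a caller that all three now fail with the pallet's `Overflow` error. Add an errors line to each, for example `/// Errors with Overflow if the end block of last_slot does not fit in the block number type.` The tail of `block_end_of_lease_period_index` binds a value only to re-wrap it; ending the function with `(slot + 1).checked_mul(T::LeasePeriod::get()).ok_or(Error::<T>::Overflow)` is equivalent. `block_end_redeem` still uses `saturating_add`, so overflow there is silently clamped while overflow in the multiplication is an error; a one-line comment stating that this is intentional would remove the ambiguity.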
@@ -13280,7 +13280,7 @@ dependencies = [ [[package]] name = "zenlink-protocol" version = "0.4.4" -source = "git+https://github.com/zenlinkpro/Zenlink-DEX-Module?rev=70e3c01419a805a6d5243223165114b01ee0c538#70e3c01419a805a6d5243223165114b01ee0c538" +source = "git+https://github.com/zenlinkpro/Zenlink-DEX-Module?rev=c556f791fb0bd47bf4a22927870c6192b821a953#c556f791fb0bd47bf4a22927870c6192b821a953" dependencies = [ "cumulus-primitives-core", "frame-support", @@ -13303,7 +13303,7 @@ dependencies = [ [[package]] name = "zenlink-protocol-rpc" version = "0.4.4" -source = "git+https://github.com/zenlinkpro/Zenlink-DEX-Module?rev=70e3c01419a805a6d5243223165114b01ee0c538#70e3c01419a805a6d5243223165114b01ee0c538" +source = "git+https://github.com/zenlinkpro/Zenlink-DEX-Module?rev=c556f791fb0bd47bf4a22927870c6192b821a953#c556f791fb0bd47bf4a22927870c6192b821a953" dependencies = [ "jsonrpsee", "parity-scale-codec", @@ -13318,7 +13318,7 @@ dependencies = [ [[package]] name = "zenlink-protocol-runtime-api" version = "0.4.4" -source = "git+https://github.com/zenlinkpro/Zenlink-DEX-Module?rev=70e3c01419a805a6d5243223165114b01ee0c538#70e3c01419a805a6d5243223165114b01ee0c538" +source = "git+https://github.com/zenlinkpro/Zenlink-DEX-Module?rev=c556f791fb0bd47bf4a22927870c6192b821a953#c556f791fb0bd47bf4a22927870c6192b821a953" dependencies = [ "parity-scale-codec", "sp-api", diff --git a/Cargo.toml b/Cargo.toml index 47df49420f..ebd5796344 100644 --- a/Cargo.toml +++ b/Cargo.toml 
@@ -97,9 +97,9 @@ yamux = { opt-level = 3 }
 zeroize = { opt-level = 3 }
 [patch.crates-io]
-zenlink-protocol = { git = "https://github.com/zenlinkpro/Zenlink-DEX-Module", rev = "70e3c01419a805a6d5243223165114b01ee0c538" }
-zenlink-protocol-rpc = { git = "https://github.com/zenlinkpro/Zenlink-DEX-Module", rev = "70e3c01419a805a6d5243223165114b01ee0c538" }
-zenlink-protocol-runtime-api = { git = "https://github.com/zenlinkpro/Zenlink-DEX-Module", rev = "70e3c01419a805a6d5243223165114b01ee0c538" }
+zenlink-protocol = { git = "https://github.com/zenlinkpro/Zenlink-DEX-Module", rev = "c556f791fb0bd47bf4a22927870c6192b821a953" }
+zenlink-protocol-rpc = { git = "https://github.com/zenlinkpro/Zenlink-DEX-Module", rev = "c556f791fb0bd47bf4a22927870c6192b821a953" }
+zenlink-protocol-runtime-api = { git = "https://github.com/zenlinkpro/Zenlink-DEX-Module", rev = "c556f791fb0bd47bf4a22927870c6192b821a953" }
 merkle-distributor = { git = "https://github.com/zenlinkpro/merkle-distributor", rev = "de07582de0ad16fd7f0b096ed7a38fae4ce975d4" }
 orml-traits = { git = "https://github.com/open-web3-stack/open-runtime-module-library", rev = "f709ed62262435b3ad80482d309e3575625d1e5b" }
 orml-currencies = { git = "https://github.com/open-web3-stack/open-runtime-module-library", rev = "f709ed62262435b3ad80482d309e3575625d1e5b" }