Over/Underflow vulnerabilities

From WEB3 Vulnerapedia

Overflow and Underflow vulnerabilities are related to arithmetic operations on numeric data types. These vulnerabilities arise when the result of a calculation exceeds the maximum or falls below the minimum representable value for the data type being used. They can lead to unexpected behavior, such as incorrect calculations, manipulation of smart contracts, or even system crashes. Preventing overflows and underflows requires careful validation of input data, using safe arithmetic libraries, and implementing defensive programming practices to ensure the integrity and security of Web3 applications.

Details

Overflow illustration

In Solidity, unsigned integer (uint) types are more commonly used than signed int types. As the picture above illustrates, a variable of type uint8 has a maximum value of 2⁸ − 1, or 255.

If you add 1 to 255, the result is not 256 but 0. This is known as an overflow.

Similarly, if 1 is subtracted from a uint8 holding 0, the result is 255, because uint types can hold only non-negative numbers; this is an underflow. The same applies to every uint size. uint256 is no different: adding 3 to its maximum value gives (2²⁵⁶ − 1) + 3 = 2.
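
The wraparound described above, as an added example that is not part of the original page; the contract name WrapDemo and its function names are hypothetical. It assumes Solidity 0.8.0 or later, where arithmetic reverts on overflow by default and wraps only inside an `unchecked` block (before 0.8.0 every operation wrapped silently).

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

/// Added example: hypothetical contract contrasting wrapping and checked arithmetic.
contract WrapDemo {
    // --- Wrapping arithmetic -------------------------------------------------
    // `unchecked` switches off the compiler's overflow checks, so the result is
    // reduced modulo 2^8 (uint8) or 2^256 (uint256), as the text describes.

    // Overflow: the sum wraps past 255 back to the low end of the range.
    function addWrapping8(uint8 a, uint8 b) external pure returns (uint8) {
        unchecked { return a + b; }
    }

    // Underflow: subtracting below 0 wraps to the high end of the range.
    function subWrapping8(uint8 a, uint8 b) external pure returns (uint8) {
        unchecked { return a - b; }
    }

    // Same behaviour at full width; pass type(uint256).max as `a` to observe it.
    function addWrapping256(uint256 a, uint256 b) external pure returns (uint256) {
        unchecked { return a + b; }
    }

    // --- Checked arithmetic --------------------------------------------------
    // Default behaviour since 0.8.0: an out-of-range result reverts the call
    // with Panic(0x11) instead of returning a wrapped value.
    function addChecked8(uint8 a, uint8 b) external pure returns (uint8) {
        return a + b;
    }

    function subChecked8(uint8 a, uint8 b) external pure returns (uint8) {
        return a - b;
    }

    // --- Guarded unchecked ---------------------------------------------------
    // When `unchecked` is kept (for example to save gas), the bound has to be
    // validated explicitly before the operation, or the wrap is silent.
    function subGuarded(uint256 balance, uint256 amount)
        external
        pure
        returns (uint256)
    {
        require(amount <= balance, "amount exceeds balance");
        unchecked { return balance - amount; }
    }
}
```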


Types of high issues

Silent overflow

Missing validation for a parameter passed to an external function

Funds stolen due to an overflow happening inside an unchecked

Assuming all ERC20 tokens have a similar amount of decimals

Neglecting the transfer fees from some ERC20 tokens