low

Missing Division By 0 Check

Reward

Total

24.49 USDC

Selected
24.49 USDC
Selected Submission

Missing Division By 0 Check

Severity

Low Risk

Summary

The DSCEngine contract defines the getTokenAmountFromUsd function, which implement a division. however, the division by 0 check is missing, which will cause an error if encountered.

Vulnerability Details

the division by zero may happen if the price provided by the pricefeed is 0;

Impact

the division will cause a runtime exception, and the transaction that triggered the division by zero will be reverted.-> transaction will fail & any changes made to the state of the contract during the transaction will be rolled back.

Tools Used

Manual Review

Recommendations

It is recommended to implement a validation mechanism, which will make sure that division by 0 scenarios are handled properly.

  • Consider adding a second price feed oracle.