Category: Coding Mistakes

Integer overflows and underflows in unchecked blocks

Severity: Informational
Impact: Informational
Likelihood: Low

Description

The contract makes sporadic use of unchecked blocks to improve gas efficiency. Solidity does not perform some safety checks when compiling code placed inside unchecked blocks; most notably, it does not check for integer overflows and underflows.

While most unchecked blocks are safe, some functions, such as distributeAndSwap, contain code that might compute results that overflow or underflow.

function distributeAndSwap(uint256 stream, address from, address tokenIn, uint256 amountTotal) private {
  uint8 num = stream.readUint8();
  unchecked {
    for (uint256 i = 0; i < num; ++i) {
      uint16 share = stream.readUint16();
      uint256 amount = (amountTotal * share) / 65535;   // OVERFLOW
      amountTotal -= amount;                            // UNDERFLOW
      swap(stream, from, tokenIn, amount);
    }
  }
}

In this case, the calculation of amount might overflow, and the amountTotal -= amount subtraction might underflow.

Impact

This does not represent an exploitable security issue in the context of RouteProcessor3, since the arguments provided to the contract are controlled by the same user that invokes the contract and would be affected by an over/underflow. Furthermore, we believe no reasonable usage of the contract would trigger this bug by accident.

We report this issue as informational as a hardening suggestion.

Recommendations

Check for overflows and underflows in calculations that might cause such a condition.
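
One way to apply this recommendation to the share-splitting arithmetic, shown beside the unchecked form. This is an added example, not RouteProcessor3 code or part of the original report; the contract name, the function names splitUnchecked and splitChecked, and the shares and amounts arrays are assumptions that stand in for the stream reads and the swap call.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

/// Added illustration, not RouteProcessor3 code. The stream reads and the
/// swap() call are replaced by a `shares` array and a returned `amounts`
/// array (both hypothetical) so the arithmetic can be exercised in isolation.
contract ShareSplitExample {
    /// Mirrors the arithmetic shown in the finding: everything runs inside
    /// unchecked, so amountTotal * share wraps modulo 2**256 instead of
    /// reverting, and the caller silently gets a wrong split.
    function splitUnchecked(uint256 amountTotal, uint16[] calldata shares)
        external
        pure
        returns (uint256[] memory amounts)
    {
        amounts = new uint256[](shares.length);
        unchecked {
            for (uint256 i = 0; i < shares.length; ++i) {
                uint256 amount = (amountTotal * shares[i]) / 65535;
                amountTotal -= amount;
                amounts[i] = amount;
            }
        }
    }

    /// Hardened variant: the multiplication and the subtraction use the
    /// compiler's default checked arithmetic and revert with Panic(0x11)
    /// on overflow or underflow. Only the loop counter, which is bounded
    /// by shares.length, stays unchecked to keep the gas saving.
    function splitChecked(uint256 amountTotal, uint16[] calldata shares)
        external
        pure
        returns (uint256[] memory amounts)
    {
        amounts = new uint256[](shares.length);
        for (uint256 i = 0; i < shares.length; ) {
            uint256 amount = (amountTotal * shares[i]) / 65535;
            amountTotal -= amount;
            amounts[i] = amount;
            unchecked { ++i; }
        }
    }
}
```

Calling both functions with the same inputs in a test harness shows where the two diverge: any amountTotal large enough for amountTotal * share to exceed the uint256 range returns a value from splitUnchecked and reverts in splitChecked.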

Remediation

This issue has been acknowledged by SushiSwap.

Zellic © 2024