- Refactored the safe_multiply_offer helper function to return the product of two numbers after checked multiplication. This helps ensure arithmetic safety by throwing an ArithmeticOverflow error when an overflow occurs. Adjusted the start_take_sell_order function to incorporate these changes. It now uses the return value from safe_multiply_offer in calculations which increases the safety and reliability of our operations.

didiermis · didiermis · commit 0936cea500e3 · 2024-03-21T17:04:17.000-06:00
- Made adjustments in the test case `replicate_overflow_for_start_take_sell_order` omitting the unused variable `offer` for cleaner and more efficient code.
- Revised the `safe_add` function to return the sum of two numbers after checked addition. This helps ensure arithmetic safety by throwing an `ArithmeticOverflow` error when an overflow occurs. The `do_calculate_drawdown_total_amount` and `do_calculate_revenue_total_amount` functions have been updated to use the returned value from `safe_add` which increases arithmetic safety in these functions.
diff --git a/pallets/afloat/src/functions.rs b/pallets/afloat/src/functions.rs
@@ -474,12 +474,10 @@ impl<T: Config> Pallet<T> {
 			Error::<T>::NotEnoughTaxCreditsAvailable
 		);
 
-		// check arithmatic overflow
-		Self::safe_multiply_offer(offer.price_per_credit, tax_credit_amount)?;
 		//ensure user has enough afloat balance
 		ensure!(
 			Self::do_get_afloat_balance(who.clone())? >=
-				offer.price_per_credit * tax_credit_amount.into(),
+				Self::safe_multiply_offer(offer.price_per_credit, tax_credit_amount.into())?,
 			Error::<T>::NotEnoughAfloatBalanceAvailable
 		);
 		let zero_balance: T::Balance = Zero::zero();
@@ -488,7 +486,7 @@ impl<T: Config> Pallet<T> {
 
 		let creation_date: u64 = T::Timestamp::now().into();
 		let price_per_credit: T::Balance = offer.price_per_credit.into();
-		let total_price: T::Balance = price_per_credit * tax_credit_amount;
+		let total_price: T::Balance = Self::safe_multiply_offer(price_per_credit, tax_credit_amount)?;
 		let fee: Option<T::Balance> = None;
 		let tax_credit_id: <T as pallet_uniques::Config>::ItemId = offer.tax_credit_id;
 		let seller_id: T::AccountId = offer.creator_id;
@@ -941,9 +939,9 @@ impl<T: Config> Pallet<T> {
 	fn safe_multiply_offer(
 		factor1: T::Balance,
 		factor2: T::Balance
-	) -> DispatchResult {
-		factor1.checked_mul(&factor2).ok_or_else(|| Error::<T>::ArithmeticOverflow)?;
-		Ok(())
+	) -> Result<T::Balance, DispatchError> {
+		let result = factor1.checked_mul(&factor2).ok_or_else(|| Error::<T>::ArithmeticOverflow)?;
+		Ok(result)
 	}
 
 	fn get_all_roles_for_user(account_id: T::AccountId) -> Result<Vec<AfloatRole>, DispatchError> {
diff --git a/pallets/afloat/src/tests.rs b/pallets/afloat/src/tests.rs
@@ -59,7 +59,7 @@ fn replicate_overflow_for_start_take_sell_order() {
 			}
 		));
 
-		let (offer_id, offer) = AfloatOffers::<Test>::iter().next().unwrap().clone();
+		let (offer_id, _offer) = AfloatOffers::<Test>::iter().next().unwrap().clone();
 		assert_noop!(
 			Afloat::start_take_sell_order(
 				RawOrigin::Signed(other_user.clone()).into(),
diff --git a/pallets/fund-admin/src/functions.rs b/pallets/fund-admin/src/functions.rs
@@ -3120,9 +3120,12 @@ impl<T: Config> Pallet<T> {
 		Ok(())
 	}
 
-	fn safe_add(a: u64, b: u64) -> DispatchResult {
-		a.checked_add(b).ok_or_else(|| Error::<T>::ArithmeticOverflow)?;
-		Ok(())
+	fn safe_add(
+		a: u64,
+		b: u64
+	) -> Result<u64, DispatchError> {
+		let result = a.checked_add(b).ok_or_else(|| Error::<T>::ArithmeticOverflow)?;
+		Ok(result)
 	}
 
 	fn do_calculate_drawdown_total_amount(
@@ -3145,11 +3148,9 @@ impl<T: Config> Pallet<T> {
 				// Get transaction data
 				let transaction_data = TransactionsInfo::<T>::get(transaction_id)
 					.ok_or(Error::<T>::TransactionNotFound)?;
-				// Check arithmetic overflow
-				Self::safe_add(drawdown_total_amount, transaction_data.amount)?;
 
 				// Add transaction amount to drawdown total amount
-				drawdown_total_amount += transaction_data.amount;
+				drawdown_total_amount = Self::safe_add(drawdown_total_amount, transaction_data.amount)?;
 			}
 		}
 
@@ -3300,11 +3301,8 @@ impl<T: Config> Pallet<T> {
 					RevenueTransactionsInfo::<T>::get(revenue_transaction_id)
 						.ok_or(Error::<T>::RevenueTransactionNotFound)?;
 
-				// Check arithmetic overflow
-				Self::safe_add(revenue_total_amount, revenue_transaction_data.amount)?;
-
 				// Add revenue transaction amount to revenue total amount
-				revenue_total_amount += revenue_transaction_data.amount;
+				revenue_total_amount = Self::safe_add(revenue_total_amount, revenue_transaction_data.amount)?;
 			}
 		}
 

Original file line number	Diff line number	Diff line change
`@@ -59,7 +59,7 @@ fn replicate_overflow_for_start_take_sell_order() {`
`59`	`59`	`}`
`60`	`60`	`));`
`61`	`61`
`62`		`- let (offer_id, offer) = AfloatOffers::<Test>::iter().next().unwrap().clone();`
	`62`	`+ let (offer_id, _offer) = AfloatOffers::<Test>::iter().next().unwrap().clone();`
`63`	`63`	`assert_noop!(`
`64`	`64`	`Afloat::start_take_sell_order(`
`65`	`65`	`RawOrigin::Signed(other_user.clone()).into(),`
Original file line number	Diff line number	Diff line change
`@@ -3120,9 +3120,12 @@ impl<T: Config> Pallet<T> {`
`3120`	`3120`	`Ok(())`
`3121`	`3121`	`}`
`3122`	`3122`
`3123`		`- fn safe_add(a: u64, b: u64) -> DispatchResult {`
`3124`		`- a.checked_add(b).ok_or_else(\|\| Error::<T>::ArithmeticOverflow)?;`
`3125`		`- Ok(())`
	`3123`	`+ fn safe_add(`
	`3124`	`+ a: u64,`
	`3125`	`+ b: u64`
	`3126`	`+ ) -> Result<u64, DispatchError> {`
	`3127`	`+ let result = a.checked_add(b).ok_or_else(\|\| Error::<T>::ArithmeticOverflow)?;`
	`3128`	`+ Ok(result)`
`3126`	`3129`	`}`
`3127`	`3130`
`3128`	`3131`	`fn do_calculate_drawdown_total_amount(`
`@@ -3145,11 +3148,9 @@ impl<T: Config> Pallet<T> {`
`3145`	`3148`	`// Get transaction data`
`3146`	`3149`	`let transaction_data = TransactionsInfo::<T>::get(transaction_id)`
`3147`	`3150`	`.ok_or(Error::<T>::TransactionNotFound)?;`
`3148`		`- // Check arithmetic overflow`
`3149`		`- Self::safe_add(drawdown_total_amount, transaction_data.amount)?;`
`3150`	`3151`
`3151`	`3152`	`// Add transaction amount to drawdown total amount`
`3152`		`- drawdown_total_amount += transaction_data.amount;`
	`3153`	`+ drawdown_total_amount = Self::safe_add(drawdown_total_amount, transaction_data.amount)?;`
`3153`	`3154`	`}`
`3154`	`3155`	`}`
`3155`	`3156`
`@@ -3300,11 +3301,8 @@ impl<T: Config> Pallet<T> {`
`3300`	`3301`	`RevenueTransactionsInfo::<T>::get(revenue_transaction_id)`
`3301`	`3302`	`.ok_or(Error::<T>::RevenueTransactionNotFound)?;`
`3302`	`3303`
`3303`		`- // Check arithmetic overflow`
`3304`		`- Self::safe_add(revenue_total_amount, revenue_transaction_data.amount)?;`
`3305`		`-`
`3306`	`3304`	`// Add revenue transaction amount to revenue total amount`
`3307`		`- revenue_total_amount += revenue_transaction_data.amount;`
	`3305`	`+ revenue_total_amount = Self::safe_add(revenue_total_amount, revenue_transaction_data.amount)?;`
`3308`	`3306`	`}`
`3309`	`3307`	`}`
`3310`	`3308`