explicitly check for swap amounts being too large (instead of depending on checked arithmetic overflows)

hoytech · hoytech · commit 14616041aa50 · 2025-03-05T00:41:14.000-05:00
diff --git a/src/EulerSwap.sol b/src/EulerSwap.sol
@@ -51,6 +51,7 @@ contract EulerSwap is IEulerSwap, EVCUtil {
     error Locked();
     error Overflow();
     error BadParam();
+    error AmountTooBig();
     error DifferentEVC();
     error AssetsOutOfOrderOrEqual();
     error CurveViolation();
@@ -105,6 +106,8 @@ contract EulerSwap is IEulerSwap, EVCUtil {
         callThroughEVC
         nonReentrant
     {
+        require(amount0Out <= type(uint112).max && amount1Out <= type(uint112).max, AmountTooBig());
+
         // Optimistically send tokens
 
         if (amount0Out > 0) withdrawAssets(vault0, amount0Out, to);
diff --git a/test/Limits.t.sol b/test/Limits.t.sol
@@ -107,4 +107,12 @@ contract LimitsTest is EulerSwapTestBase {
         assertEq(inLimit, type(uint112).max - 110e18);
         assertEq(outLimit, 18.5e18); // 10 in balance, plus 8.5 borrow cap
     }
+
+    function test_amountTooBig() public monotonicHolderNAV {
+        vm.expectRevert(EulerSwap.AmountTooBig.selector);
+        eulerSwap.swap(type(uint256).max, 0, address(this), "");
+
+        vm.expectRevert(EulerSwap.AmountTooBig.selector);
+        eulerSwap.swap(0, type(uint256).max, address(this), "");
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -107,4 +107,12 @@ contract LimitsTest is EulerSwapTestBase {`
`107`	`107`	`assertEq(inLimit, type(uint112).max - 110e18);`
`108`	`108`	`assertEq(outLimit, 18.5e18); // 10 in balance, plus 8.5 borrow cap`
`109`	`109`	`}`
	`110`	`+`
	`111`	`+ function test_amountTooBig() public monotonicHolderNAV {`
	`112`	`+ vm.expectRevert(EulerSwap.AmountTooBig.selector);`
	`113`	`+ eulerSwap.swap(type(uint256).max, 0, address(this), "");`
	`114`	`+`
	`115`	`+ vm.expectRevert(EulerSwap.AmountTooBig.selector);`
	`116`	`+ eulerSwap.swap(0, type(uint256).max, address(this), "");`
	`117`	`+ }`
`110`	`118`	`}`