IllIllI - EmptyFeedPrice will cause orders to be canceled

[sherlock-admin]

IllIllI

medium

EmptyFeedPrice will cause orders to be canceled

Summary

In most cases where orders are submitted using invalid oracle prices, the check for isEmptyPriceError() returns true, and the order execution is allowed to revert, rather than canceling the order.

Vulnerability Detail

EmptyFeedPrice isn't counted as one of these errors, and so if the price reaches zero, any outstanding order will be canceled.

Impact

Orders to close positions will be canceled, leading to losses.

Code Snippet

Only isEmptyPriceError() errors are allowed to revert:

// File: gmx-synthetics/contracts/exchange/OrderHandler.sol : OrderHandler._handleOrderError()   #1

226            if (
227 @>             OracleUtils.isEmptyPriceError(errorSelector) ||
228                errorSelector == InvalidKeeperForFrozenOrder.selector
229            ) {
230                ErrorUtils.revertWithCustomError(reasonBytes);
231            }
232    
233            Order.Props memory order = OrderStoreUtils.get(dataStore, key);
234            bool isMarketOrder = BaseOrderUtils.isMarketOrder(order.orderType());
235    
236            if (isMarketOrder) {
237:               OrderUtils.cancelOrder(

https://github.com/sherlock-audit/2023-02-gmx/blob/main/gmx-synthetics/contracts/exchange/OrderHandler.sol#L226-L237

Other orders get frozen or canceled

Tool used

Manual Review

Recommendation

Include EmptyFeedPrice in the list of OracleUtils.isEmptyPriceError() errors

[xvi10]

Fix in gmx-io/gmx-synthetics@4a5981a#diff-d1cd88df390b68e193ecd449d918fbfccb8c24f39cbb3f4c32a659e932122d8fR291