fix(x/accounts): check for overflows in multisig weights and votes

x/accounts/defaults/multisig/account.go

@@ -91,7 +91,10 @@ func (a *Account) Init(ctx context.Context, msg *v1.MsgInit) (*v1.MsgInitRespons
 			return nil, err
 		}
 
-		totalWeight += msg.Members[i].Weight
+		totalWeight, err = safeAdd(totalWeight, msg.Members[i].Weight)
+		if err != nil {
+			return nil, err
+		}
 	}
 
 	if err := validateConfig(*msg.Config, totalWeight); err != nil {
@@ -266,19 +269,32 @@ func (a Account) ExecuteProposal(ctx context.Context, msg *v1.MsgExecuteProposal
 
 		switch v1.VoteOption(vote) {
 		case v1.VoteOption_VOTE_OPTION_YES:
-			yesVotes += weight
+			yesVotes, err = safeAdd(yesVotes, weight)
+			if err != nil {
+				return true, err
+			}
 		case v1.VoteOption_VOTE_OPTION_NO:
-			noVotes += weight
+			noVotes, err = safeAdd(noVotes, weight)
+			if err != nil {
+				return true, err
+			}
 		case v1.VoteOption_VOTE_OPTION_ABSTAIN:
-			abstainVotes += weight
+			abstainVotes, err = safeAdd(abstainVotes, weight)
+			if err != nil {
+				return true, err
+			}
 		}
 		return false, nil
 	})
 	if err != nil {
 		return nil, err
 	}
 
-	totalWeight := yesVotes + noVotes + abstainVotes
+	totalWeight, err := safeAdd(yesVotes, noVotes, abstainVotes)
+	if err != nil {
+		return nil, err
+	}
+
 	var (
 		rejectErr error
 		execErr   error
@@ -387,3 +403,14 @@ func (a *Account) RegisterQueryHandlers(builder *accountstd.QueryBuilder) {
 	accountstd.RegisterQueryHandler(builder, a.QueryProposal)
 	accountstd.RegisterQueryHandler(builder, a.QueryConfig)
 }
+
+func safeAdd(nums ...uint64) (uint64, error) {
+	var sum uint64
+	for _, num := range nums {
+		if sum+num < sum {
+			return 0, errors.New("overflow")
+		}
+		sum += num
+	}
+	return sum, nil
+}

x/accounts/defaults/multisig/account_test.go

@@ -2,6 +2,7 @@ package multisig
 
 import (
 	"context"
+	"math"
 	"testing"
 	"time"
 
@@ -658,3 +659,33 @@ func TestProposalPassing(t *testing.T) {
 
 	require.Equal(t, expectedMembers, cfg.Members)
 }
+
+func TestWeightOverflow(t *testing.T) {
+	ctx, ss := newMockContext(t)
+	acc := setup(t, ctx, ss, nil)
+
+	startAcc := &v1.MsgInit{
+		Config: &v1.Config{
+			Threshold:    2640,
+			Quorum:       2000,
+			VotingPeriod: 60,
+		},
+		Members: []*v1.Member{
+			{
+				Address: "addr1",
+				Weight:  math.MaxUint64,
+			},
+		},
+	}
+
+	_, err := acc.Init(ctx, startAcc)
+	require.NoError(t, err)
+
+	// add another member with weight 1 to trigger an overflow
+	startAcc.Members = append(startAcc.Members, &v1.Member{
+		Address: "addr2",
+		Weight:  1,
+	})
+	_, err = acc.Init(ctx, startAcc)
+	require.ErrorContains(t, err, "overflow")
+}

x/accounts/defaults/multisig/update_config.go

@@ -44,7 +44,11 @@ func (a Account) UpdateConfig(ctx context.Context, msg *v1.MsgUpdateConfig) (*v1
 	// get the weight from the stored members
 	totalWeight := uint64(0)
 	err := a.Members.Walk(ctx, nil, func(_ []byte, value uint64) (stop bool, err error) {
-		totalWeight += value
+		var adderr error
+		totalWeight, adderr = safeAdd(totalWeight, value)
+		if adderr != nil {
+			return true, err
+		}
 		return false, nil
 	})
 	if err != nil {