The getActivePlayerIndex function in the provided smart contract incorrectly handles non-existing player queries by returning a default index value (0) that could correspond to a valid player, potentially leading to incorrect data interpretation or manipulation.
When getActivePlayerIndex is queried with the address of a non-existing player, it defaults to returning 0. This is problematic because 0 could also be the valid index of an existing player in the players array, so a caller cannot tell "not found" apart from "found at index 0". This ambiguity can lead to incorrect information being returned, affecting any contract logic that relies on this function.
Data Misinterpretation: Functions or external contracts relying on getActivePlayerIndex might incorrectly assume that a non-existing player is the first player in the list.
Potential Logic Errors: Contract logic that uses this function's output could behave unpredictably or incorrectly.
Manipulation Risk: Malicious actors might exploit this flaw to influence contract behavior, assuming specific actions are tied to the player at index 0.
manual
Distinct Return Value for Non-Existence: Modify the function to return a distinct value (such as the array length or a special flag) when the player is not found.
Use a Mapping: Consider using a mapping for player existence checks if applicable.
Explicit Error Handling: Alternatively, the function could revert with an error message when the queried player does not exist.
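The ambiguous lookup beside two of the recommended fixes, as an added example rather than the audited contract's code. Only getActivePlayerIndex and the players array are named in the finding; the contract name, addPlayer, the two fixed function names and the PlayerNotActive error are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Illustrative contract, not the audited code. Only `players` and
// `getActivePlayerIndex` come from the finding; all other names are assumed.
contract PlayerIndexExample {
    address[] public players;

    error PlayerNotActive(address player);

    // Hypothetical helper so the example has data to query.
    function addPlayer(address player) external {
        players.push(player);
    }

    // Behaviour described in the finding: "not found" and "found at index 0"
    // both produce 0, so the caller cannot distinguish them.
    function getActivePlayerIndex(address player) external view returns (uint256) {
        for (uint256 i = 0; i < players.length; i++) {
            if (players[i] == player) return i;
        }
        return 0;
    }

    // Fix 1: distinct return value. players.length is never a valid index,
    // so it is unambiguous within the same call. Callers must compare the
    // result against the current length, not a cached one.
    function getActivePlayerIndexOrLength(address player) public view returns (uint256) {
        uint256 n = players.length;
        for (uint256 i = 0; i < n; i++) {
            if (players[i] == player) return i;
        }
        return n;
    }

    // Fix 2: explicit error handling. Any value that is returned is a real
    // index; a missing player reverts instead of yielding a number.
    function getActivePlayerIndexStrict(address player) external view returns (uint256 index) {
        index = getActivePlayerIndexOrLength(player);
        if (index == players.length) revert PlayerNotActive(player);
    }
}
```

With one player added, the original function returns 0 for that player and for any unknown address, while the first fix returns 1 for the unknown address and the second reverts with PlayerNotActive.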