Zero Return, can confuse users & devs
Summary
To improve clarity and avoid potential confusion, it's advisable to change the return value of the getActivePlayerIndex function from 0 to -1 or use a more descriptive constant value when the player is not found in the array. This adjustment ensures that a valid index (0) in the array does not mislead users into thinking that the player was found.
Vulnerability Details
Returning 0 in the getActivePlayerIndex function may cause confusion, as it's a valid array index, potentially leading to misinterpretation by users. It's advisable to use a different return value, like -1, to clearly indicate the absence of the player and avoid such confusion.
Impact
Returning 0 in the getActivePlayerIndex function might mislead users into thinking that 0 corresponds to a valid index in the array. This could potentially lead to incorrect interpretations of the function's output and incorrect usage by developers.
Tools Used
Foundry, Etherscan, and manual review
Recommendations
To improve the clarity and avoid confusion, you can use a different constant value, such as -1, to indicate that the player was not found in the array. Here's a modified version of the getActivePlayerIndex function:
This updated function returns -1 if the player is not found, making it clearer that the player was not present in the array.
Lead Judging Commences
getActivePlayerIndex can say a player is both entered at slot 0 and inactive
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.