Index Out-of-Bounds Risk in removePlot Function of PodTransfer.sol in Beanstalk
Summary
The PodTransfer.sol contract in the Beanstalk project has a potential vulnerability in the removePlot function. This function does not check if the index of the plot is within the valid range of the plotIndexes array, leading to the risk of accessing an element outside the array (index out-of-bounds) and causing errors in the contract
Vulnerability Details
The removePlot function in PodTransfer.sol contains the following code:
This code removes a plot at index index from the plots array and calls the removePlotIndexFromAccount function to remove this index from the plotIndexes array. However, there is no check to ensure that index is within the valid range of the plotIndexes array. If index is greater than or equal to the length of the array, accessing plotIndexes[index] will cause an "index out-of-bounds" error.
Impact
If the error occurs during the execution of a transaction, the entire transaction will be reverted (undone), wasting gas fees for the user.
Tools Used
Manual
Recommendations
add a check to ensure that index is within the valid range of the plotIndexes array before accessing it
Lead Judging Commences
Informational/Gas
Invalid as per docs https://docs.codehawks.com/hawks-auditors/how-to-determine-a-finding-validity
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.