MyCut
First Flight #23
Beginner FriendlyFoundry
100 EXP
View results
Previous Next
Submission Details
Severity: medium
Invalid

Mismatched Array Lengths in Constructor ( Lack of Validation + Potential Allocation Errors)

skid0016

Summary

The constructor of the contract allows for initializing players and their corresponding rewards. However, there is no validation to ensure that the lengths of the `players` and `rewards` arrays are equal. This omission can lead to significant issues during the execution of the loop that maps players to their rewards.

Vulnerability Details

If the `players` array and the `rewards` array have mismatched lengths:

  • If `players.length` is greater than `rewards.length`, the constructor will attempt to access an out-of-bounds index in the `rewards` array, potentially leading to a runtime error or undefined behavior.

  • If `rewards.length` is greater than `players.length`, some rewards will remain unallocated, leading to potential discrepancies in the intended reward distribution.Impact

Tools Used

Manual Review

Recommendations

Add a check at the beginning of the constructor to ensure that the lengths of the `players` and `rewards` arrays are equal. This can be done using a simple `require` statement:

constructor(address[] memory players, uint256[] memory rewards, IERC20 token, uint256 totalRewards) {
require(players.length == rewards.length, "Mismatched players and rewards array lengths");
i_players = players;
i_rewards = rewards;
i_token = token;
i_totalRewards = totalRewards;
remainingRewards = totalRewards;
i_deployedAt = block.timestamp;
for (uint256 i = 0; i < i_players.length; i++) {
playersToRewards[i_players[i]] = i_rewards[i];
}
Updates

Lead Judging Commences

equious Lead Judge 11 months ago
Submission Judgement Published
Invalidated
Reason: Known issue

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.