MyCut

First Flight #23
Beginner Friendly, Foundry
100 EXP
Submission Details
Severity: medium
Invalid

Missing Validation for Players and Rewards Array Lengths in `Pot.sol` Contract

In the `Pot.sol` contract, the constructor takes two arrays, `players` and `rewards`, as inputs. These arrays are meant to map player addresses to corresponding reward amounts. However, the constructor does not validate that the length of the `players` array matches the length of the `rewards` array. This can lead to inconsistent state mapping between players and rewards, potentially causing unexpected behavior during reward distribution.

Impact:

The lack of validation could result in:

  1. Incorrect reward assignments leading to potential disputes.

  2. Funds being locked in the contract or distributed incorrectly, causing financial losses.

  3. Potential vulnerabilities due to the mismatch in array lengths, which may be exploited in specific scenarios.

POC

The contract is created successfully even though the arrays are of unequal lengths, highlighting the lack of validation in the constructor.

```solidity
// Four reward entries; per the finding, `players` from the test setup has a different length.
uint256[] moreRewards = [3, 2, 5, 7];

function testCanCreatePotWillPassEvenThePlayersAndRewardsAreNotEqual() public mintAndApproveTokens {
    vm.startPrank(user);
    contest = ContestManager(conMan).createContest(players, moreRewards, IERC20(ERC20Mock(weth)), 4);
    totalContests = ContestManager(conMan).getContests();
    vm.stopPrank();
    assertEq(totalContests.length, 1); // The contest is created even though the arrays are not equal
}
```
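For contrast, here is a regression test for the same scenario against a constructor that does validate the lengths. It is an added example, not code from the MyCut repository: `PotSketch` is a hypothetical, simplified stand-in for `Pot.sol` (token handling and claiming are left out), the addresses and reward values are constructed, and it assumes a Foundry project with `forge-std` installed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";

// Hypothetical stand-in for Pot.sol: only the player-to-reward mapping is modelled.
contract PotSketch {
    mapping(address => uint256) public playersToRewards;

    constructor(address[] memory players, uint256[] memory rewards) {
        // Reject mismatched inputs before any pairing is attempted.
        require(players.length == rewards.length, "Players and rewards arrays must have the same length");
        for (uint256 i = 0; i < players.length; i++) {
            playersToRewards[players[i]] = rewards[i];
        }
    }
}

contract PotSketchTest is Test {
    // Constructed sample data: two players, one matching and one oversized rewards array.
    address[] players = [address(0xA11CE), address(0xB0B)];
    uint256[] rewards = [3, 1];
    uint256[] moreRewards = [3, 2, 5, 7];

    function testRevertsWhenLengthsDiffer() public {
        // Deployment must fail with the exact reason string from the require.
        vm.expectRevert(bytes("Players and rewards arrays must have the same length"));
        new PotSketch(players, moreRewards);
    }

    function testMapsEachPlayerWhenLengthsMatch() public {
        PotSketch pot = new PotSketch(players, rewards);
        assertEq(pot.playersToRewards(players[0]), 3);
        assertEq(pot.playersToRewards(players[1]), 1);
    }
}
```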

Recommendation:

Add a check in the constructor to ensure that the `players` and `rewards` arrays are of equal length before proceeding with the assignment.

+ require(players.length == rewards.length, "Players and rewards arrays must have the same length");
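Review bot: the added require is shown without any surrounding context, so it is not clear where in the constructor it lands; it should be the first statement, ahead of the assignment that pairs players with rewards, so a mismatched call fails before doing any work. The PoC reaches the constructor through ContestManager.createContest, so the change should also say whether that entry point relies on this revert or validates the lengths itself, and the PoC test should be turned into a regression test that expects the revert.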
Updates

Lead Judging Commences

equious Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Known issue
