https://github.com/Cyfrin/2024-08-MyCut/blob/main/src/ContestManager.sol
The fundContest
function accesses the contests
array using an index provided by the caller without validating that the index is within the bounds of the array. This can lead to accessing an invalid index, resulting in runtime errors or unexpected behavior.
The function directly uses the provided index to access the contests
array, which can lead to out-of-bounds access if the index is invalid.
An invalid index could cause the function to attempt accessing non-existent entries in the contests
array, potentially leading to runtime errors or incorrect contract operations.
Manual Review
Add a check to ensure that the index
parameter is within the valid range of the contests
array.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.