In the claimSingleReward function, there is a potential issue with how array bounds are handled. Specifically, the condition used in the require statement allows for an invalid index value, which could result in out-of-bounds access and a runtime error:
The issue arises because array indices in Solidity are zero-based. For an array of length n, valid indices are in the range [0, n-1]. However, the condition require(_index <= rewardsOwned[msg.sender].length) allows _index to be equal to the array length (n), which is an invalid index because the highest valid index is n-1.
If _index equals the length of the array, attempting to access rewardsOwned[msg.sender][_index] will result in an out-of-bounds array access, causing the transaction to revert.
While the outlined vulnerability does not lead to loss of assets or rewards, it can result in failed transactions, affecting the reliability of the function and user experience.
Manual review, Visual Studio Code (VSCode)
To prevent this issue, the require statement should be modified to ensure that _index is strictly less than the length of the array. This will prevent any out-of-bounds access by ensuring the index is valid for the given array:
By implementing this fix, the function will reject any invalid array indices and ensure smoother function execution without unnecessary transaction failures.
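The check quoted above next to the corrected one, as an added illustration that is not the audited contract's code. Only rewardsOwned, _index and the `<=` condition come from the finding; the contract name, the Reward struct, addReward, the function name suffixes and the revert string are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not the audited contract.
contract RewardBoundsDemo {
    // Hypothetical layout; the finding does not show the element type.
    struct Reward {
        uint256 value;
    }

    mapping(address => Reward[]) public rewardsOwned;

    // Hypothetical helper so the caller has something to index.
    function addReward(uint256 value) external {
        rewardsOwned[msg.sender].push(Reward(value));
    }

    // Check as reported: with n rewards, _index == n passes the require,
    // then the array access below reverts with Panic(0x32) (out-of-bounds),
    // so the caller never sees the require's own message.
    function claimSingleRewardAsReported(uint256 _index)
        external
        view
        returns (uint256)
    {
        require(
            _index <= rewardsOwned[msg.sender].length,
            "Index out of bounds" // constructed message
        );
        return rewardsOwned[msg.sender][_index].value;
    }

    // Corrected check: valid indices are 0 .. n-1, so _index == n is
    // rejected by the require with its descriptive message.
    function claimSingleRewardFixed(uint256 _index)
        external
        view
        returns (uint256)
    {
        require(
            _index < rewardsOwned[msg.sender].length,
            "Index out of bounds" // constructed message
        );
        return rewardsOwned[msg.sender][_index].value;
    }
}
```

After a single addReward call, passing _index = 1 to each function shows the difference: the reported version fails with a compiler-generated panic, the fixed version with the require's message.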