Mystery Box
First Flight #25
Beginner FriendlyFoundry
100 EXP
View results
Previous Next
Submission Details
Severity: low
Invalid

Incomplete Index Validation in MysteryBox::claimSingleReward()

xilobytes

Summary

The index validation in MysteryBox::claimSingleReward() uses <=, which could allow an out-of-bounds error.

Vulnerability Details

Affected Code

require(_index <= rewardsOwned[msg.sender].length, "Invalid index");

Impact

Users can provide an invalid index, potentially causing runtime errors.

Tools Used

  • Visual Studio Code

  • Solidity

  • Foundry

Recommended Mitigation

Correct the condition to < for proper index validation.

require(_index < rewardsOwned[msg.sender].length, "Invalid index");
Updates

Appeal created

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.