Flow

Sablier

FoundryDeFi

20,000 USDC

View results

Previous Next

Submission Details

Severity: medium

Invalid

Lack of Input Validation

hackz

Summary

The batch function in the Batch contract lacks input validation, specifically for the calls array. This could lead to unintended behavior when an empty array is passed as an argument.

Finding Description

The batch function accepts an array of byte strings as input to delegate calls to the same contract. However, it does not check if the calls array is empty. If an empty array is provided, the function will proceed with a for loop that does not execute any calls, which can lead to confusion for the user, as no operations are performed but no errors are raised.

This issue does not directly break security guarantees, but it could lead to a poor user experience and unexpected behavior in front-end applications interacting with this contract. For example, a frontend interface may allow users to submit an empty batch, leading to silent failures that are hard to diagnose.

Vulnerability Details

Affected Function: batch(bytes[] calldata calls)
Condition: When calls is an empty array (calls.length == 0), the loop does not execute.
Impact: The function does not revert or handle this situation, resulting in no actions being taken without feedback.

Impact

The lack of input validation could cause confusion for users and developers relying on the contract. In scenarios where the contract is part of a larger system, it may lead to cascading issues where frontend applications do not handle the response correctly, resulting in misleading UI states or further erroneous transactions.

Proof of Concept

Here is a simple test case that demonstrates the issue:

contract TestBatch {

Batch batchContract;

function testEmptyBatch() public {

// This will call the batch function with an empty array

batchContract.batch(new bytes );

// No error is thrown, but nothing happens

}

Running the above test will highlight that no operations are performed without any indication of the problem.

Recommendations

To fix the issue, implement an input validation check to ensure the calls array is not empty before proceeding with the delegate calls. Here is a code snippet that addresses the issue:

function batch(bytes[] calldata calls) external {

uint256 count = calls.length;

require(count > 0, "No calls provided"); // Input validation for empty array

for (uint256 i = 0; i < count; ++i) {

(bool success, bytes memory result) = address(this).delegatecall(calls[i]);

if (!success) {

revert Errors.BatchError(result.length > 0 ? result : "Unknown error");

}

emit BatchExecuted(count); // Event emission (if implemented)

}

This validation ensures that users are notified when they attempt to call the function with an empty array, preventing silent failures.

File Location

src/abstracts/Batch.sol

Updates

Lead Judging Commences

inallhonesty Lead Judge 11 months ago

Submission Judgement Published

Invalidated

Reason: Lack of quality

Prize pool breakdown

Total prize

20,000 USDC

nSLOC

699

29 USDC / LOC

High Medium

19,000 USDC

Low

1,000 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.