Dria

Swan
NFT, Hardhat
21,000 USDC
Submission Details
Severity: low
Invalid

Vulnerability Report: Lack of Input Length Validation in Statistics Library Functions

Summary

The Statistics library functions avg, variance, and stddev do not check the length of the input array, leading to potential division by zero errors when an empty array is passed as an argument.

Vulnerability Details

The avg, variance, and stddev functions lack a validation step to ensure that the input parameter data has a length greater than zero. When an empty array is provided, these functions will attempt to execute the operation sum / data.length, resulting in a division by zero error. Additionally, the calculation of data[i] - mean in the variance function could lead to negative results without proper input validation, which could introduce logical errors.

Impact

If an attacker passes an empty array, the contract will fail to execute properly, leading to transaction failures and wasted gas. The risk of negative calculations may also lead to undefined behaviors, reducing the reliability and security of the contract and causing user frustration.

Tools Used

Manual review

Recommendations

Add Array Length Checks: At the beginning of each function, include a check to ensure data.length is greater than zero:

require(data.length > 0, "Data array cannot be empty");

Updates

Lead Judging Commences

inallhonesty Lead Judge 12 months ago
Submission Judgement Published
Invalidated
Reason: Known issue
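
The guard recommended in the report, written out as an added example (not code from the Swan contracts or from the submission). `StatisticsSketch` and `EmptyData` are hypothetical names, and the sketch assumes `uint256[] memory` inputs and Solidity 0.8 or later, where `sum / data.length` on an empty array reverts with Panic(0x12) and an unsigned `data[i] - mean` that would go below zero reverts with Panic(0x11).

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added illustration; not the Swan contracts' Statistics library.
/// Assumes inputs are uint256[] memory, which the page does not state.
library StatisticsSketch {
    error EmptyData();

    /// Mean of `data`; reverts with EmptyData instead of Panic(0x12).
    function avg(uint256[] memory data) internal pure returns (uint256) {
        if (data.length == 0) revert EmptyData();
        uint256 sum;
        for (uint256 i = 0; i < data.length; i++) {
            sum += data[i]; // checked add: reverts on overflow in 0.8+
        }
        return sum / data.length;
    }

    /// Population variance, returned together with the mean.
    function variance(uint256[] memory data) internal pure
        returns (uint256 ans, uint256 mean)
    {
        mean = avg(data); // the empty-array guard lives in avg
        uint256 sumSq;
        for (uint256 i = 0; i < data.length; i++) {
            // data[i] - mean on uint256 reverts with Panic(0x11) whenever
            // data[i] < mean, so take the absolute difference instead.
            uint256 diff = data[i] >= mean ? data[i] - mean : mean - data[i];
            sumSq += diff * diff;
        }
        ans = sumSq / data.length;
    }

    /// Integer square root of the variance (Babylonian method, rounds down).
    function stddev(uint256[] memory data) internal pure
        returns (uint256 ans, uint256 mean)
    {
        uint256 v;
        (v, mean) = variance(data);
        if (v == 0) return (0, mean);
        if (v < 4) return (1, mean);
        ans = v;
        uint256 x = v / 2 + 1;
        while (x < ans) {
            ans = x;
            x = (v / x + x) / 2;
        }
    }
}
```

A caller can catch `EmptyData` by selector, which distinguishes bad input from an arithmetic panic elsewhere in the call.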
