QuantAMM
QuantAMM
49,600 OP
View results
Previous Next
Submission Details
Severity: low
Invalid

Unchecked last params.poolDetails element.

0xwsecteam

Summary

When QuantAMMWeightedPool.sol is deployed the owner passes params which contains params.poolDetails and in constructor it checks the length of params.poolDetails if it is <= 50 but the issue is that when it loops for(uint256 i; i < params.poolDetails.length; i++) it checks only from index 0 to index 49 so in simple words if params.poolDetails length is 50 the last element will not be Checked.

require(params.poolDetails.length <= 50, "Limit exceeds array length");
for(uint256 i; i < params.poolDetails.length; i++){
require(params.poolDetails[i].length == 4, "detail needs all 4 [category, name, type, detail]");
}

Impact

If the last index of the array contains invalid or malicious data, the following risks may arise:
Unchecked invalid data could lead to incorrect processing or unexpected behavior.

Recommendations

Fix params.poolDetails.length to < 50 instead of <= 50.

require(params.poolDetails.length < 50, "Limit exceeds array length");
for(uint256 i = 0; i < params.poolDetails.length - 1; i++){
require(params.poolDetails[i].length == 4, "detail needs all 4 [category, name, type, detail]");
}
Updates

Lead Judging Commences

n0kto Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Informational or Gas / Admin is trusted / Pool creation is trusted / User mistake / Suppositions

Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelyhood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.