Incorrect Array Length Parameters in Error Message for Deposit and Redeem Fees Validation
Summary
In the configureDepositAndRedeemFees function, when comparing depositFees.length with redeemFees.length, the error message incorrectly uses vaultsIds.length and depositFees.length as parameters instead of the actual arrays being compared.
Vulnerability Details
Looking at the configureDepositAndRedeemFees function:
The second length check compares depositFees.length with redeemFees.length, but the error message uses vaultsIds.length and depositFees.length as parameters, which don't correspond to the arrays being compared.
Impact
It impacts the debugging experience as the error message will show incorrect array lengths when there's a mismatch between depositFees and redeemFees arrays, making it harder to identify and fix array length issues.
Tools Used
Manual code review
Recommendations
Update the error message parameters to match the arrays being compared:
This will ensure that the error message accurately reflects the arrays being compared, making debugging easier.
Lead Judging Commences
configureDepositAndRedeemFees function emits the wrong parameters inside the `(depositFees.length != redeemFees.length)` check
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.