Out-of-Bounds Error in configureConnectedVaults Function in library Market
Summary
The function configureConnectedVaults is intended to add vault IDs to the connectedVaults array, which is stored as an EnumerableSet.UintSet[].
However, the function incorrectly accesses an index using connectedVaults.length, which will cause an out-of-bounds error because:
connectedVaults.lengthis not a valid index for appending new elements.The array needs to be explicitly expanded before accessing a new index.
Vulnerability Details
Using connectedVaults[connectedVaults.length] will cause an out-of-bounds error since the array does not expand dynamically when accessing an index that has not been explicitly initialized.
Solidity arrays do not auto-expand when assigned to connectedVaults[connectedVaults.length].
This access only works for an already allocated index, if connectedVaults.length is equal to the current size, it does not point to a valid memory slot, causing a runtime error.
Impact
Since the function cannot execute properly, no vaults can be added, breaking protocol functionality.
Tools Used
Manual Review
Recommendations
Explicitly Push New Elements to connectedVaults Before Accessing Them
Lead Judging Commences
`Market::configureConnectedVaults` Will Always Fail with Array Out of Bounds Error
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.