The function getUserDeposits retrieves user deposit IDs from an EnumerableSet. However, the loop index variable i is declared as uint8, which could lead to potential issues if length exceeds the maximum value that uint8 can hold (255). Since length is derived from EnumerableSet.length, there is a possibility that more than 255 deposits exist, which would result in an overflow or unintended behavior.
If a user has more than 255 deposits, the function may not return all deposit IDs correctly.
Potential risk of an integer overflow if manipulated incorrectly in future code changes.
Unexpected behavior could impact downstream applications relying on this function for correct deposit retrieval.
Change the loop index variable i from uint8 to uint256 to ensure compatibility with the possible range of values returned by EnumerableSet.length.
Updated Code Suggestion:
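The index-width issue described above, shown as an added example that is not the audited contract's code: the uint8 loop sits beside the uint256 form the recommendation asks for. The contract name, storage layout, addDeposits helper, the OpenZeppelin import path and the Solidity 0.8 pragma are assumptions; only getUserDeposits and EnumerableSet.length come from the finding.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20; // assumed compiler version (checked arithmetic)

import {EnumerableSet} from "@openzeppelin/contracts/utils/structs/EnumerableSet.sol";

// Hypothetical contract: only getUserDeposits is named in the finding.
contract DepositIndexExample {
    using EnumerableSet for EnumerableSet.UintSet;

    // Assumed layout: one set of deposit IDs per user.
    mapping(address => EnumerableSet.UintSet) private _userDeposits;
    uint256 private _nextId;

    // Assumed test helper: registers `count` new deposit IDs for the caller.
    function addDeposits(uint256 count) external {
        for (uint256 n = 0; n < count; ++n) {
            _userDeposits[msg.sender].add(++_nextId);
        }
    }

    // Pattern from the finding: uint8 index compared against a uint256 length.
    // Up to 255 entries it behaves correctly. At 256 or more, the i++ that
    // follows i == 255 overflows uint8; with checked arithmetic (>= 0.8) that
    // reverts with Panic(0x11), so the whole call fails rather than returning
    // a shortened list.
    function getUserDepositsUint8(address user) external view returns (uint256[] memory ids) {
        uint256 length = _userDeposits[user].length();
        ids = new uint256[](length);
        for (uint8 i = 0; i < length; i++) {
            ids[i] = _userDeposits[user].at(i);
        }
    }

    // Recommended form: the index type matches what EnumerableSet.length() returns.
    function getUserDeposits(address user) external view returns (uint256[] memory ids) {
        uint256 length = _userDeposits[user].length();
        ids = new uint256[](length);
        for (uint256 i = 0; i < length; ++i) {
            ids[i] = _userDeposits[user].at(i);
        }
    }
}
```

Calling addDeposits(256) and then both getters from the same address shows the difference: the uint8 version reverts, the uint256 version returns all 256 IDs.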
Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelihood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.