Inheritable Smart Contract Wallet
First Flight #35
Beginner FriendlySolidity
100 EXP
View results
Previous Next
Submission Details
Severity: low
Invalid

function _getBeneficiaryIndex doesn't return a value explicitly, InheritanceManager.sol

hawks

Summary

The _getBeneficiaryIndex function loops through the beneficiaries array and returns the index of the _beneficiary. However, if _beneficiary is not found, _index remains uninitialized and defaults to 0, which could lead to incorrect behavior.

Vulnerability Details

If the _beneficiary address is not found in the beneficiaries array, the function will return 0, which could be misinterpreted as the first index (valid index) rather than indicating that the beneficiary does not exist.

function _getBeneficiaryIndex(address _beneficiary) public view returns (uint256 _index) {
for (uint256 i = 0; i < beneficiaries.length; i++) {
if (_beneficiary == beneficiaries[i]) {
_index = i;
break;
}
}
}

Impact

Incorrect beneficiary identification

Incorrect return value

Tools Used

Manual review

Recommendations

Fixed code:

function _getBeneficiaryIndex(address _beneficiary) public view returns (uint256) {
for (uint256 i = 0; i < beneficiaries.length; i++) {
if (_beneficiary == beneficiaries[i]) {
return i;
}
}
return type(uint256).max;
}

Alternative we could use revert instead of return type(uint256).max;.

Updates

Lead Judging Commences

0xtimefliez Lead Judge 5 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.