Severity: high
Valid

Function "buyOutEstateNFT" does not transfer assets to all beneficiaries in some cases

Summary

Depending on which beneficiary calls function buyOutEstateNFT, the assets may not be transferred to some beneficiaries.

Vulnerability Details

Function buyOutEstateNFT incorrectly processes payouts when the beneficiary who calls the function is not last in the beneficiaries array. The loop that iterates over the beneficiaries is implemented incorrectly: when beneficiaries[i] is msg.sender, the loop ends early because it returns from the function:

    for (uint256 i = 0; i < beneficiaries.length; i++) {
        if (msg.sender == beneficiaries[i]) {
            return;
        } else {
            IERC20(assetToPay).safeTransfer(beneficiaries[i], finalAmount / divisor);
        }
    }

Therefore, any beneficiaries located after msg.sender in the beneficiaries array do not receive any assets.
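
The effect of the caller's position can be checked with a small model of the loop. This is an added Python example, not code from the audited contract: the function names and sample beneficiaries are constructed, and divisor is taken as a given parameter because the report does not show how it is computed.

```python
# Constructed model of the payout loop described above; not the contract's code.
from typing import Dict, List


def payout(beneficiaries: List[str], caller: str, final_amount: int,
           divisor: int, fixed: bool) -> Dict[str, int]:
    """Return the amount each beneficiary receives from one buy-out call."""
    received = {b: 0 for b in beneficiaries}
    share = final_amount // divisor  # Solidity integer division truncates
    for b in beneficiaries:
        if b == caller:
            if fixed:
                continue         # recommended fix: skip only the caller
            return received      # reported bug: everyone after the caller is dropped
        received[b] += share
    return received


def unpaid(beneficiaries: List[str], caller: str, final_amount: int,
           divisor: int, fixed: bool) -> List[str]:
    """Non-caller beneficiaries who received nothing."""
    got = payout(beneficiaries, caller, final_amount, divisor, fixed)
    return [b for b in beneficiaries if b != caller and got[b] == 0]


def skipped_by_position(beneficiaries: List[str], final_amount: int,
                        divisor: int, fixed: bool) -> Dict[str, List[str]]:
    """Map each possible caller to the beneficiaries left unpaid."""
    return {c: unpaid(beneficiaries, c, final_amount, divisor, fixed)
            for c in beneficiaries}


if __name__ == "__main__":
    heirs = ["alice", "bob", "carol"]  # constructed sample beneficiaries
    for fixed in (False, True):
        label = "fixed" if fixed else "buggy"
        print(label, skipped_by_position(heirs, 900, 3, fixed))
```

In the buggy variant the worst case is the caller sitting at index 0, where no transfer happens at all; only a caller in the last slot pays everyone.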

Impact

Beneficiaries do not receive their assets.

Tools Used

Manual review

Recommendations

Change the loop iteration logic to continue instead of return:

for (uint256 i = 0; i < beneficiaries.length; i++) {
if (msg.sender == beneficiaries[i]) {
- return;
+ continue;
} else {
IERC20(assetToPay).safeTransfer(beneficiaries[i], finalAmount / divisor);
}
}
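
Review bot: once the `return` in the `if (msg.sender == beneficiaries[i])` branch becomes `continue`, the `else` is redundant; a single `if (msg.sender != beneficiaries[i])` guarding the `safeTransfer` call states the intent more directly. `finalAmount / divisor` does not change between iterations and can be computed once before the loop. A regression test in which the caller is the first element of `beneficiaries` would cover the case where no transfer happened at all.
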
Updates

Lead Judging Commences

0xtimefliez Lead Judge 10 months ago
Submission Judgement Published
Validated
Assigned finding tags:

buyOutNFT has return instead of continue
