Incorrect Beneficiary Modifier in `InheritanceManager`
Summary
The onlyBeneficiaryWithIsInherited modifier in the InheritanceManager contract uses a while loop that exceeds the array bounds (beneficiaries.length + 1), causing reverts.
Finding Description
The onlyBeneficiaryWithIsInherited modifier is intended to ensure that only beneficiaries can call certain functions after the contract has been inherited. However, the while loop used in this modifier exceeds the array bounds by one, causing the loop to revert when it tries to access an index out of range. This vulnerability breaks the security guarantee that only beneficiaries can call these functions after inheritance. It prevents legitimate beneficiaries from accessing these functions, potentially causing unintended behavior.
Impact Explanation
The impact of this vulnerability is medium because it prevents legitimate beneficiaries from accessing certain functions after inheritance. This could lead to a denial of service for beneficiaries, preventing them from performing necessary actions.
Likelihood Explanation
The likelihood of this vulnerability being encountered is medium because it affects the onlyBeneficiaryWithIsInherited modifier, which is used in functions that are called after inheritance. Any beneficiary attempting to call these functions would encounter the issue.
Recommendation
To fix this issue, the while loop should be replaced with a for loop that correctly iterates over the beneficiaries array:
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.