The onlyBeneficiaryWithIsInherited modifier contains an out-of-bounds array access vulnerability, which can cause the contract to revert unexpectedly when iterating through the beneficiaries array.
This condition allows the loop to run one iteration more than the number of beneficiaries, which can cause an out-of-bounds error when accessing beneficiaries[i] for the last iteration. Specifically, when i == beneficiaries.length, the loop will try to access beneficiaries[beneficiaries.length], which doesn't exist.
Denial of Service (DoS): Any function using this modifier will always revert if beneficiaries.length == 0 or if msg.sender is not found in the array before the invalid access.
Inaccessible Funds: If this modifier is used to control inheritance claims, eligible beneficiaries may be unable to access their inheritance due to unintended reverts.
Manual Code Review
```solidity
modifier onlyBeneficiaryWithIsInherited() {
    uint256 i = 0;
    // Strict bound: i never reaches beneficiaries.length, so every index is valid.
    while (i < beneficiaries.length) {
        if (msg.sender == beneficiaries[i] && isInherited) {
            break;
        }
        i++;
    }
    _;
}
```
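An added example, not part of the original finding or the audited code base: with the bound corrected, the loop in the recommended modifier exits normally for a caller who is not in the array and execution still reaches `_;`, so the membership check needs an explicit revert. The types of `beneficiaries` and `isInherited`, the contract name, the error names, `markInherited` and `claim` are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not the audited contract. State variable names follow the
// finding; their types, the errors and the helper functions are assumptions.
contract BeneficiaryGateExample {
    address[] internal beneficiaries;
    bool internal isInherited;

    error NotYetInherited();
    error NotBeneficiary(address caller);

    constructor(address[] memory initialBeneficiaries) {
        beneficiaries = initialBeneficiaries;
    }

    modifier onlyBeneficiaryWithIsInherited() {
        // State check first: cheap, and independent of the caller.
        if (!isInherited) revert NotYetInherited();

        // Strict `<` bound keeps every index in range, including length == 0.
        uint256 len = beneficiaries.length;
        bool found = false;
        for (uint256 i = 0; i < len; i++) {
            if (beneficiaries[i] == msg.sender) {
                found = true;
                break;
            }
        }
        // Reject explicitly instead of relying on an out-of-bounds panic.
        if (!found) revert NotBeneficiary(msg.sender);
        _;
    }

    // Hypothetical stand-in for the step that marks the estate as inherited.
    // Access control is omitted here; this helper exists only for testing.
    function markInherited() external {
        isInherited = true;
    }

    // Hypothetical guarded function used to exercise the modifier.
    function claim() external onlyBeneficiaryWithIsInherited returns (bool) {
        return true;
    }
}
```

Calling `claim()` from an address outside the array reverts with `NotBeneficiary`, and an empty array rejects every caller without touching an index.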