Severity: high
Valid

Incorrect Deletion in removeBeneficiary Function

Summary

The removeBeneficiary function in the InheritanceManager contract uses delete to remove a beneficiary from the beneficiaries array. This does not actually remove the element but sets it to its default value (address(0)), leaving gaps in the array.

Vulnerability Details

function removeBeneficiary(address _beneficiary) external onlyOwner {
    uint256 indexToRemove = _getBeneficiaryIndex(_beneficiary);
    // delete resets the slot to address(0); beneficiaries.length is unchanged
    delete beneficiaries[indexToRemove];
}

Impact

Using delete leaves gaps in the array, which could lead to inefficiencies and incorrect behavior when iterating over the array.

Tools Used

Manual review

Recommendations

Use a more efficient method to remove elements, such as swapping with the last element and then popping the array:

function removeBeneficiary(address _beneficiary) external onlyOwner {
    uint256 indexToRemove = _getBeneficiaryIndex(_beneficiary);
    // Overwrite the removed slot with the last element, then shrink the array by one
    beneficiaries[indexToRemove] = beneficiaries[beneficiaries.length - 1];
    beneficiaries.pop();
}
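
The contract below is an added illustration, not the InheritanceManager source and not part of the original submission. It is a constructed stand-in (the contract name, function names and the equal-split payout are assumptions) that puts the two removal patterns side by side and shows how much of an equal split over beneficiaries.length would be directed at address(0) slots.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Constructed stand-in for illustration; names and payout logic are assumptions.
contract BeneficiaryListDemo {
    address[] public beneficiaries;

    function addBeneficiary(address b) external {
        require(b != address(0), "zero address");
        beneficiaries.push(b);
    }

    // Pattern from the finding: the slot becomes address(0), length is unchanged.
    function removeWithDelete(uint256 index) external {
        delete beneficiaries[index];
    }

    // Recommended pattern: overwrite with the last element, then shrink.
    // Element order is not preserved. An empty array or an out-of-range
    // index reverts through the built-in 0.8 underflow and bounds checks.
    function removeWithSwapAndPop(uint256 index) external {
        uint256 last = beneficiaries.length - 1;
        if (index != last) {
            beneficiaries[index] = beneficiaries[last];
        }
        beneficiaries.pop();
    }

    // Equal split across every slot, as a payout loop dividing by
    // beneficiaries.length would compute it. Reverts on an empty list.
    function shareOf(uint256 total) public view returns (uint256) {
        return total / beneficiaries.length;
    }

    // Portion of `total` that such a split would direct at address(0) slots.
    function amountToZeroAddress(uint256 total) external view returns (uint256 lost) {
        uint256 share = shareOf(total);
        for (uint256 i = 0; i < beneficiaries.length; i++) {
            if (beneficiaries[i] == address(0)) lost += share;
        }
    }
}
```

With three beneficiaries and one removed through removeWithDelete, amountToZeroAddress(total) returns total / 3; after removeWithSwapAndPop it returns 0 and each remaining beneficiary's share is total / 2.
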
Updates

Lead Judging Commences

0xtimefliez Lead Judge 9 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Incorrect removal from beneficiary list causes funds to be sent to 0 address
