Submission Details
Severity: medium
Invalid

Invalid boundaries in modifier

Summary - The InheritanceManager.sol::onlyBeneficiaryWithIsInherited modifier improperly checks the upper boundary of the beneficiaries array, potentially leading to an out-of-bounds array access. This vulnerability could result in unexpected contract behavior or runtime exceptions.

Vulnerability Details - The onlyBeneficiaryWithIsInherited modifier is intended to verify that msg.sender is a beneficiary and that the isInherited flag is set to true. However, the while loop condition is:

while (i < beneficiaries.length + 1)

In Solidity, arrays are zero-indexed, so the valid indices range from 0 to beneficiaries.length - 1. The current condition runs the loop one step beyond that range, so the index i reaches beneficiaries.length and beneficiaries[i] is read out of bounds. In Solidity 0.8 this aborts the call with a runtime panic, error code 0x32 (array out-of-bounds access).

A Foundry test that triggers the panic:

function testOnlyBeneficiaryWithIsInheritedBoundaries() public {
    // im: the InheritanceManager instance under test (assumed deployed in setUp())
    address user3 = makeAddr("user3");
    // appointTrustee is guarded by onlyBeneficiaryWithIsInherited; the call
    // aborts with panic 0x32 rather than a descriptive revert reason
    im.appointTrustee(user3);
}

The output of this test:

Failing tests:
Encountered 1 failing test in test/InheritanceManagerTest.t.sol:InheritanceManagerTest
[FAIL: panic: array out-of-bounds access (0x32)] testOnlyBeneficiaryWithIsInheritedBoundaries() (gas: 11914)
Encountered a total of 1 failing tests, 0 tests succeeded

Impact

Any call that reaches the out-of-bounds index reverts with panic 0x32 instead of a descriptive error, preventing the intended execution of functions guarded by the modifier. This could block critical functionality for authorized beneficiaries, especially in inheritance-related scenarios.

Tools Used

  • Manual Review

Recommendations

  • Modify the loop boundary condition to correctly iterate within the valid range of the array:

while (i < beneficiaries.length)
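As an added illustration (not the audited contract's code; everything around the quoted loop condition is an assumption), the reported loop bound next to a bounded version. Note that in the reported form the out-of-bounds panic is the only thing that stops a caller matching no entry, so the fix must also check the loop outcome explicitly; changing only the bound would otherwise admit every caller.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical minimal contract, not InheritanceManager.sol: only the loop
// condition is taken from the finding, the rest is an assumption.
contract BeneficiaryGateExample {
    address[] public beneficiaries;
    bool public isInherited;

    constructor(address[] memory _beneficiaries, bool _isInherited) {
        beneficiaries = _beneficiaries;
        isInherited = _isInherited;
    }

    // Bound as quoted in the finding: i climbs to beneficiaries.length, so a
    // caller that matches no entry (or any caller while isInherited is false)
    // reads beneficiaries[length] and the call aborts with panic 0x32.
    modifier onlyBeneficiaryWithIsInherited_asReported() {
        uint256 i = 0;
        while (i < beneficiaries.length + 1) {
            if (msg.sender == beneficiaries[i] && isInherited) {
                break;
            }
            i++;
        }
        _;
    }

    // Bounded loop plus an explicit result check. Without the require, a
    // non-beneficiary would simply fall out of the loop and be let through.
    modifier onlyBeneficiaryWithIsInherited_fixed() {
        bool found = false;
        for (uint256 i = 0; i < beneficiaries.length; i++) {
            if (msg.sender == beneficiaries[i]) {
                found = true;
                break;
            }
        }
        require(found && isInherited, "caller is not an inherited beneficiary");
        _;
    }

    // Two gated entry points so both behaviours can be exercised from a test.
    function gatedAsReported() external view onlyBeneficiaryWithIsInherited_asReported returns (bool) {
        return true;
    }

    function gatedFixed() external view onlyBeneficiaryWithIsInherited_fixed returns (bool) {
        return true;
    }
}
```

Calling gatedAsReported() from a non-beneficiary address reverts with panic 0x32, while gatedFixed() reverts with the descriptive reason string; a listed beneficiary with isInherited set passes both.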

Updates

Lead Judging Commences

0xtimefliez Lead Judge 5 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
