Open code423n4 opened 2 years ago
hyh
Array bounds check violation will happen if the function be called with arrays of different lengths.
Loop is performed by names array, while both arrays are accessed:
for (uint256 i = 0; i < names.length; i++) { if (operators[names[i]] != destinations[i]) {
https://github.com/code-423n4/2021-11-nested/blob/main/contracts/OperatorResolver.sol#L27
Add a check:
require(names.length == destinations.length, "OperatorResolver::areAddressesImported: Input lengths must match");
Handle
hyh
Vulnerability details
Impact
Array bounds check violation will happen if the function be called with arrays of different lengths.
Proof of Concept
Loop is performed by names array, while both arrays are accessed:
https://github.com/code-423n4/2021-11-nested/blob/main/contracts/OperatorResolver.sol#L27
Recommended Mitigation Steps
Add a check: