Will revert on case where the array is not provided in ascending order.
Proof of Concept
Logic not implemented correctly if
indicesToSkip array not entered in ascending order.
Let's consider the case where indicesToSkip is [3,1,7,9].In this case indicesToSkipIndex will not be incremented further and value of indicesToSkip[indicesToSkipIndex] will remain the same causing logical flaws in the code.
Tools Used
Manual Audit
Recommended Mitigation Steps
Checks should be implemented for indicesToSkip to ensure that the entered array is always in Ascending order.
Lines of code
https://github.com/code-423n4/2023-04-eigenlayer/blob/main/src/contracts/core/StrategyManager.sol#L562
Vulnerability details
Impact
Will revert on case where the array is not provided in ascending order.
Proof of Concept
Logic not implemented correctly if
indicesToSkip
array not entered in ascending order. Let's consider the case whereindicesToSkip
is [3,1,7,9].In this caseindicesToSkipIndex
will not be incremented further and value of indicesToSkip[indicesToSkipIndex] will remain the same causing logical flaws in the code.Tools Used
Manual Audit
Recommended Mitigation Steps
Checks should be implemented for
indicesToSkip
to ensure that the entered array is always in Ascending order.Assessed type
Context