c4-judge
commented
1 year ago trust1995 marked the issue as duplicate of #372
Closed code423n4 closed 1 year ago
c4-judge
commented
1 year ago trust1995 marked the issue as duplicate of #372
c4-judge
commented
1 year ago trust1995 marked the issue as satisfactory
c4-judge
commented
1 year ago trust1995 changed the severity to 2 (Med Risk)
c4-judge
commented
1 year ago trust1995 marked the issue as partial-50
Lines of code
https://github.com/code-423n4/2023-05-maia/blob/cfed0dfa3bebdac0993b1b42239b4944eb0b196c/src/ulysses-omnichain/RootPort.sol#L405-L411
Vulnerability details
Impact
This function will increase
bridgeAgentsLenghtrather thanbridgeAgentFactoriesLenghtwhich will lead to improper state update inbridgeAgentFactories[]array.Also it will lead to improper state change in
bridgeAgents[]asbridgeAgentsLenghtis changed unexpectedly.This can have severe impact while traversing and fetching addresses from both arrays.
Proof of Concept
https://github.com/code-423n4/2023-05-maia/blob/cfed0dfa3bebdac0993b1b42239b4944eb0b196c/src/ulysses-omnichain/RootPort.sol#L405-L411
Tools Used
Manual Review
Recommended Mitigation Steps
bridgeAgentsLenghtand addbridgeAgentFactoriesLenghtinstead in the function.Assessed type
Error