This code won't work with case when item to remove is the last.
Moreover this code might broke whole protocol because it doesn't remove element from reserveTokens
Must be this line:
reserveTokens[index] = reserveTokens[reserveTokens.length - 1];
Tools Used
Recommended Mitigation Steps
Fix code to:
Handle removing last element;
Update index modification for reserveTokens: reserveTokens[index] = reserveTokens[reserveTokens.length - 1];
Lines of code
https://github.com/code-423n4/2023-08-dopex/blob/main/contracts/core/RdpxV2Core.sol#L270-L290
Vulnerability details
Impact
Removing work incorrectly. It clears
reserveAsset
andreserveTokens
incorrectly.Proof of Concept
This code won't work with case when item to remove is the last. Moreover this code might broke whole protocol because it doesn't remove element from
reserveTokens
Must be this line:reserveTokens[index] = reserveTokens[reserveTokens.length - 1];
Tools Used
Recommended Mitigation Steps
Fix code to:
reserveTokens
:reserveTokens[index] = reserveTokens[reserveTokens.length - 1];
Assessed type
Other