Closed c4-submissions closed 10 months ago
raymondfam marked the issue as low quality report
raymondfam marked the issue as primary issue
It's because of:
txns[0] = Types.Executable({
The relevant contract is actually out-of-scope as per the official contest scope.
Regardless, the described issue is incorrect as the txns
array actually wishes to retain the first entry empty to-be-assigned afterwards as @raymondfam has correctly stated.
alex-ppg marked the issue as unsatisfactory: Out of scope
Lines of code
https://github.com/code-423n4/2023-10-brahma/blob/a6424230052fc47c4215200c19a8eef9b07dfccc/contracts/src/core/ConsoleOpBuilder.sol#L127-L128
Vulnerability details
Impact
number of txns of excutors must be excutores + 1 but this loop will +1 in every cycle
the code structure is designed the way the number of txns of excutors in
enableExecutorPluginOnSubAccount
function counts the length of executors txns and it should be excutors + 1 but it does increase in every cycle of loopProof of Concept
function enableExecutorPluginOnSubAccount(address subAccount, address[] memory executors) external view returns (bytes memory) { uint256 _numberOfExecutors = executors.length; uint256 _numberOfTransactions = _numberOfExecutors + 1;
Tools Used
vscode
Recommended Mitigation Steps
Assessed type
Loop