search

code-423n4 / 2023-12-revolutionprotocol-findings

3 stars 2 forks source link

Error prone and complex code #705

Closed c4-bot-7 closed 8 months ago

c4-bot-7 commented 8 months ago

Lines of code

https://github.com/code-423n4/2023-12-revolutionprotocol/blob/d42cc62b873a1b2b44f57310f9d4bbfdd875e8d6/packages/revolution/src/MaxHeap.sol#L94

Vulnerability details

Used function is error prone and complex that leads to incorrect asset handling so have suggested below maxHeapify implementation.

function maxHeapify(uint256 pos) internal { uint256 left = 2 pos + 1; uint256 right = 2 pos + 2; uint256 largest = pos;

if (left < heap.length && valueMapping[heap[left]] > valueMapping[heap[largest]]) {
    largest = left;
}

if (right < heap.length && valueMapping[heap[right]] > valueMapping[heap[largest]]) {
    largest = right;
}

if (largest != pos) {
    swap(pos, largest);
    maxHeapify(largest);
}

}

Assessed type

Other

c4-pre-sort commented 8 months ago

raymondfam marked the issue as insufficient quality report

c4-pre-sort commented 8 months ago

raymondfam marked the issue as duplicate of #688

c4-judge commented 8 months ago

MarioPoneder marked the issue as unsatisfactory: Insufficient quality