code-423n4 / 2023-12-revolutionprotocol-findings


Reverting when the heap is full #710

Closed c4-bot-5 closed 8 months ago

c4-bot-5 commented 8 months ago

Lines of code

https://github.com/code-423n4/2023-12-revolutionprotocol/blob/d42cc62b873a1b2b44f57310f9d4bbfdd875e8d6/packages/revolution/src/MaxHeap.sol#L119

Vulnerability details

Reverting when the heap is full:

a) You mentioned in the comments that the function will revert if the heap is full.
b) However, the code as it stands doesn't have any logic to check if the heap is indeed full.
c) Depending on the context, you might want to add a check to ensure that the heap doesn't exceed a certain maximum size.


SOLUTION:

```solidity
uint256 public maxHeapSize; // Define the maximum heap size as a state variable

constructor(uint256 _maxHeapSize) {
    maxHeapSize = _maxHeapSize;
}

function insert(uint256 itemId, uint256 value) public onlyAdmin {
    require(size < maxHeapSize, "Heap is full, cannot insert more items"); // Check if the heap is full

    heap[size] = itemId;
    valueMapping[itemId] = value; // Update the value mapping
    positionMapping[itemId] = size; // Update the position mapping

    uint256 current = size;
    while (current != 0 && valueMapping[heap[current]] > valueMapping[heap[parent(current)]]) {
        swap(current, parent(current));
        current = parent(current);
    }
    size++;
}
```

Assessed type

Invalid Validation

c4-pre-sort commented 8 months ago

raymondfam marked the issue as insufficient quality report

c4-pre-sort commented 8 months ago

raymondfam marked the issue as duplicate of #688

c4-judge commented 8 months ago

MarioPoneder marked the issue as unsatisfactory: Insufficient proof