/// @inheritdoc ILockManager
function getLockedWeightedValue(
address _player
) external view returns (uint256 _lockedWeightedValue) {
uint256 lockedWeighted = 0;
uint256 configuredTokensLength = configuredTokenContracts.length;
for (uint256 i; i < configuredTokensLength; i++) {
if (
lockedTokens[_player][configuredTokenContracts[i]].quantity >
0 &&
configuredTokens[configuredTokenContracts[i]].active
)
This function is called to calculate the total weighted value of a player's locked tokens. so If the loop does not execute correctly, the function will return an incorrect value or fail, impacting the accuracy of the locked weighted value.
Impact
The getLockedWeightedValue function fails to run correctly cause the loop variable i is uninitialized. and this can lead to incorrect calculations or a failure to execute the loop, impacting the calculation of the locked weighted value for a player.
Proof of Concept
here
for (uint256 i; i < configuredTokensLength; i++) {
let's say a player calls the getLockedWeightedValue function to calculate the total weighted value of their locked tokens.
and we have that The loop variable i is uninitialized, causing the loop to fail or not execute correctly
as result in an incorrect calculation or failure to execute the function.
Tools Used
manual review
Recommended Mitigation Steps
need to initializing the loop variable i to 0 to ensure the loop executes correctly
Lines of code
https://github.com/code-423n4/2024-05-munchables/blob/57dff486c3cd905f21b330c2157fe23da2a4807d/src/managers/LockManager.sol#L466
Vulnerability details
Root of the bug
The bug arises from the uninitialized loop variable i in the for loop ---->https://github.com/code-423n4/2024-05-munchables/blob/57dff486c3cd905f21b330c2157fe23da2a4807d/src/managers/LockManager.sol#L466
This function is called to calculate the total weighted value of a player's locked tokens. so If the loop does not execute correctly, the function will return an incorrect value or fail, impacting the accuracy of the locked weighted value.
Impact
The getLockedWeightedValue function fails to run correctly cause the loop variable i is uninitialized. and this can lead to incorrect calculations or a failure to execute the loop, impacting the calculation of the locked weighted value for a player.
Proof of Concept
here
Tools Used
manual review
Recommended Mitigation Steps
need to initializing the loop variable i to 0 to ensure the loop executes correctly
Assessed type
Other