sherlock-admin
commented
8 months ago 2 comment(s) were left on this issue during the judging contest.
tsvetanovv commented:
Low
takarez commented:
invalid because { i believe the impact is very low}
Closed sherlock-admin closed 8 months ago
sherlock-admin
commented
8 months ago 2 comment(s) were left on this issue during the judging contest.
tsvetanovv commented:
Low
takarez commented:
invalid because { i believe the impact is very low}
dermaroller5
medium
sendMessage will wrongfully fail in a scenario where a user sends max data length
Summary
The
sendMessagefunction currently verifies if the data length is greater than or equal to the specified max length. However, it should permit the operation even when the data length is equal to theMAX_DATA_LENGTH.Vulnerability Detail
As the current logic checks
length >= MAX_DATA_LENGTH, a user attempting to send a message with the maximum allowable data will encounter failure. Instead, the check should allow the operation to pass when the length equalsMAX_DATA_LENGTH.Impact
User will not be able to make use of the projects
sendmessagefunction in certain scenario'sCode Snippet
https://github.com/sherlock-audit/2023-12-avail/blob/main/contracts/src/AvailBridge.sol#L300-L303
Tool used
Manual Review
Recommendation