search

sherlock-audit / 2023-12-avail-judging

4 stars 4 forks source link

r0ck3tz - Incorrect check for the maximum length of the message #76

Closed sherlock-admin2 closed 8 months ago

sherlock-admin2 commented 8 months ago

r0ck3tz

medium

Incorrect check for the maximum length of the message

Summary

The protocol currently incorporates an inaccurate check for the maximum length of the message that can be transmitted via sendMessage. In the current implementation, the sendMessage call reverts if the message reaches the maximum length allowed.

Vulnerability Detail

The validation check for ensuring that the maximum data length is not exceeded currently employs the incorrect operator >= instead of the operator >.

if (length >= MAX_DATA_LENGTH) {
      revert ExceedsMaxDataLength();
}

This results in a scenario where sending a message with the maximum length equal to 102400 is not possible.

Impact

It is not possible to send the message with the maximum length of 102400 which should be possible according to the protocol specification.

Code Snippet

https://github.com/sherlock-audit/2023-12-avail/blob/main/contracts/src/AvailBridge.sol#L302-L304

Tool used

Manual Review

Recommendation

It is recommended to change the check from >= to >:

if (length > MAX_DATA_LENGTH) {
      revert ExceedsMaxDataLength();
}
sherlock-admin commented 8 months ago

2 comment(s) were left on this issue during the judging contest.

tsvetanovv commented:

Low

takarez commented:

invalid because { invalid and a duplicate of issue 074}