search

sherlock-audit / 2024-01-telcoin-judging

6 stars 5 forks source link

bareli - index should be less than stakingRewardsContracts length. #85

Closed sherlock-admin2 closed 8 months ago

sherlock-admin2 commented 8 months ago

bareli

medium

index should be less than stakingRewardsContracts length.

Summary

we are not checking where index is less than stakingRewardsContracts.length.

Vulnerability Detail

function getStakingRewardsContract( uint index ) external view returns (StakingRewards) { return stakingRewardsContracts[index]; }

Impact

we should be doing index should be less than stakingRewardsContracts.length..

Code Snippet

https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/telx/core/StakingRewardsFactory.sol#L73

Tool used

Manual Review

Recommendation

use a require statement for checking whether index is less than the stakingRewardsContracts.length..

sherlock-admin2 commented 8 months ago

1 comment(s) were left on this issue during the judging contest.

takarez commented:

invalid because { invalid because according sherlock rules view funcions are by default low and thus amking this invalid}

nevillehuang commented 7 months ago

Invalid, this function will never revert as long as appropriate reward staking contracts are deployed via the factory, so there is no need for an explicit check