Dancing Ruby Bee
Low/Info
Missing Length Check in initialize Function for authorized and roles Arrays
Summary
The initialize function of the ManagedBudget contract lacks a check for the length mismatch between the authorized and roles arrays, which could lead to an unintended revert during execution. The lack of this check is an issue because the setAuthorized function, which operates similarly, includes such a check, indicating its importance to the protocol team. The check ensures the correctness of role assignments in the system.
Vulnerability Detail
The initialize function in the ManagedBudget contract decodes a payload containing two arrays: authorized and roles. These arrays are intended to set the roles for specific accounts. However, there is no check to ensure that both arrays have the same length before the function proceeds with assigning roles. This omission could result in a transaction failure (revert) if the arrays are of unequal length, leading to an inconsistent state where roles are not properly assigned. This vulnerability can be easily prevented by including a length check, as done in the setAuthorized function.
The protocol already enforces such length checks in the setAuthorized function, which indicates the significance of this check. It is inconsistent to omit this validation in initialize but enforce it elsewhere in the contract.
Impact
Without the length check, there is a risk of unexpected reverts during the initialization of the ManagedBudget contract. Additionally, it could prevent authorized accounts from receiving their intended roles, disrupting the management of the budget.
Code Snippet
The vulnerability is located in the initialize function:
https://github.com/sherlock-audit/2024-06-boost-aa-wallet/blob/main/boost-protocol/packages/evm/contracts/budgets/ManagedBudget.sol#L43-L49
For comparison, the setAuthorized function correctly checks the length of the arrays:
https://github.com/sherlock-audit/2024-06-boost-aa-wallet/blob/main/boost-protocol/packages/evm/contracts/budgets/ManagedBudget.sol#L180-L188
Tool Used
Manual Review
Recommendation
Add a length check in the initialize function to ensure that the authorized and roles arrays have the same length before processing.
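One way to apply this recommendation, shown on a simplified stand-in contract with the unchecked form beside the checked one. This is an added example, not the ManagedBudget source: the InitPayload layout, the rolesOf mapping, the loop shape and the LengthMismatch and AlreadyInitialized error names are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added illustration only: a simplified stand-in, not the Boost ManagedBudget source.
contract BudgetRolesSketch {
    // Assumed payload layout; the report only says it carries `authorized` and `roles`.
    struct InitPayload {
        address owner;
        address[] authorized;
        uint256[] roles;
    }

    error LengthMismatch();     // hypothetical error name
    error AlreadyInitialized(); // hypothetical error name

    address public owner;
    bool private _initialized;
    mapping(address => uint256) public rolesOf; // hypothetical role storage

    /// Unchecked form: iterates over `authorized` and indexes `roles` blindly.
    ///  - roles shorter than authorized: out-of-bounds read, Panic(0x32) revert
    ///    with no reason that points at the bad payload.
    ///  - roles longer than authorized: trailing role entries are silently ignored.
    function initializeUnchecked(bytes calldata data_) external {
        InitPayload memory init_ = _decode(data_);
        for (uint256 i = 0; i < init_.authorized.length; i++) {
            rolesOf[init_.authorized[i]] = init_.roles[i];
        }
    }

    /// Checked form: reject a mismatched payload up front with an explicit error,
    /// so both the shorter and the longer `roles` case fail the same, named way.
    function initialize(bytes calldata data_) external {
        InitPayload memory init_ = _decode(data_);
        if (init_.authorized.length != init_.roles.length) revert LengthMismatch();
        for (uint256 i = 0; i < init_.authorized.length; i++) {
            rolesOf[init_.authorized[i]] = init_.roles[i];
        }
    }

    /// Decodes the payload once; the guard keeps either initializer single-use.
    function _decode(bytes calldata data_) private returns (InitPayload memory init_) {
        if (_initialized) revert AlreadyInitialized();
        _initialized = true;
        init_ = abi.decode(data_, (InitPayload));
        owner = init_.owner;
    }
}
```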