Platform: Code4rena
Start Date: 14/04/2023
Pot Size: $90,500 USDC
Total HM: 7
Participants: 59
Period: 14 days
Judge: LSDan
Total Solo HM: 3
Id: 232
League: ETH
Rank: 19/59
Findings: 1
Award: $694.56
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: hihen
Also found by: Parad0x, bin2chen, chaduke, eierina, nobody2018, rvierdiiev
694.5552 USDC - $694.56
The return value of readKeyValue could be incorrect in some cases.
The primary issue stems from the function's assumption that if it cannot locate the terminator within the range [offset, offset+len), then there is no terminator in the input, subsequently setting the terminator offset to input.length.
The readKeyValue() function is designed to read key and value pairs and return the offset (nextOffset) of the next key-value pair. However, there is an issue in the code implementation.
When the function tries to extract the value portion, it searches for a white space as the terminator and sets the 'terminator' variable to the offset of the terminator. If the function is unable to locate the terminator, it sets the 'terminator' variable to input.length, assuming that no terminator exists within the range [offset+len, input.length). This situation also carries the unintended consequence of potentially reading more than the designated 'len' characters specified by the input.
Manual review.
terminator= offset + len; instead of terminator = input.length;
#0 - c4-pre-sort
2023-05-01T10:31:46Z
thereksfour marked the issue as duplicate of #246
#1 - c4-judge
2023-05-08T14:44:51Z
dmvt marked the issue as satisfactory