Skip to content

Commit

Permalink
Reco-3: add checks for parameters in function callTargets (#82)
Browse files Browse the repository at this point in the history 
Co-authored-by: ksatyarth2 <ksatyarth2@users.noreply.github.com>
  • Loading branch information
@ksatyarth2
ksatyarth2 and ksatyarth2 authored Nov 26, 2024
1 parent b1734cf commit d1b9e55
Show file tree
Hide file tree
Showing 3 changed files with 29 additions and 0 deletions.
4 changes: 4 additions & 0 deletions mainnet-contracts/src/PufferRevenueDepositor.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -153,6 +153,10 @@ contract PufferRevenueDepositor is
* @dev Restricted access to `ROLE_ID_OPERATIONS_MULTISIG`
*/
function callTargets(address[] calldata targets, bytes[] calldata data) external restricted {
if (targets.length != data.length || targets.length == 0) {
revert InvalidDataLength();
}

for (uint256 i = 0; i < targets.length; ++i) {
// nosemgrep arbitrary-low-level-call
(bool success,) = targets[i].call(data[i]);
Expand Down
5 changes: 5 additions & 0 deletions mainnet-contracts/src/interface/IPufferRevenueDepositor.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,11 @@ pragma solidity >=0.8.0 <0.9.0;
* @custom:security-contact security@puffer.fi
*/
interface IPufferRevenueDepositor {
/**
* @notice Thrown when the calldata targets and data length don't match or are empty.
*/
error InvalidDataLength();

/**
* @notice Thrown when the target call fails.
*/
Expand Down
20 changes: 20 additions & 0 deletions mainnet-contracts/test/unit/PufferRevenueDepositorTest.t.sol
View file
Original file line number Diff line number Diff line change
Expand Up @@ -202,4 +202,24 @@ contract PufferRevenueDepositorTest is UnitTestHelper {
emit IPufferRevenueDepositor.RevenueDeposited(100 ether);
revenueDepositor.callTargets(targets, data);
}

function testRevert_callTargets_InvalidDataLength_EmptyArrays() public {
vm.startPrank(OPERATIONS_MULTISIG);

address[] memory targets = new address[](0);
bytes[] memory data = new bytes[](0);

vm.expectRevert(IPufferRevenueDepositor.InvalidDataLength.selector);
revenueDepositor.callTargets(targets, data);
}

function testRevert_callTargets_InvalidDataLength_MismatchedLengths() public {
vm.startPrank(OPERATIONS_MULTISIG);

address[] memory targets = new address[](2);
bytes[] memory data = new bytes[](1);

vm.expectRevert(IPufferRevenueDepositor.InvalidDataLength.selector);
revenueDepositor.callTargets(targets, data);
}
}

0 comments on commit d1b9e55

Please sign in to comment.