From 2519ba3268902607b6d96db6ee107c151e776741 Mon Sep 17 00:00:00 2001
From: ksatyarth2 <erkumar@protonmail.ch>
Date: Fri, 22 Nov 2024 16:22:34 +0700
Subject: [PATCH 1/3] fix: reco-3: add checks for parameters in function
 callTargets

---
 mainnet-contracts/src/PufferRevenueDepositor.sol            | 4 ++++
 mainnet-contracts/src/interface/IPufferRevenueDepositor.sol | 5 +++++
 2 files changed, 9 insertions(+)

diff --git a/mainnet-contracts/src/PufferRevenueDepositor.sol b/mainnet-contracts/src/PufferRevenueDepositor.sol
index 94b9604..3ce44ea 100644
--- a/mainnet-contracts/src/PufferRevenueDepositor.sol
+++ b/mainnet-contracts/src/PufferRevenueDepositor.sol
@@ -153,6 +153,10 @@ contract PufferRevenueDepositor is
      * @dev Restricted access to `ROLE_ID_OPERATIONS_MULTISIG`
      */
     function callTargets(address[] calldata targets, bytes[] calldata data) external restricted {
+        if (targets.length != data.length || targets.length == 0) {
+            revert InvalidDataLength();
+        }
+
         for (uint256 i = 0; i < targets.length; ++i) {
             // nosemgrep arbitrary-low-level-call
             (bool success,) = targets[i].call(data[i]);
diff --git a/mainnet-contracts/src/interface/IPufferRevenueDepositor.sol b/mainnet-contracts/src/interface/IPufferRevenueDepositor.sol
index 6736ef5..2f92787 100644
--- a/mainnet-contracts/src/interface/IPufferRevenueDepositor.sol
+++ b/mainnet-contracts/src/interface/IPufferRevenueDepositor.sol
@@ -7,6 +7,11 @@ pragma solidity >=0.8.0 <0.9.0;
  * @custom:security-contact security@puffer.fi
  */
 interface IPufferRevenueDepositor {
+    /**
+     * @notice Thrown when the calldata targets and data length don't match or are empty.
+     */
+    error InvalidDataLength();
+
     /**
      * @notice Thrown when the target call fails.
      */

From ab52674b2f399f1854076dde975f4776ebe45c98 Mon Sep 17 00:00:00 2001
From: ksatyarth2 <erkumar@protonmail.ch>
Date: Mon, 25 Nov 2024 15:26:58 +0700
Subject: [PATCH 2/3] feat: add missing tests for coverage

---
 .../unit/PufferRevenueDepositorTest.t.sol     | 20 +++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/mainnet-contracts/test/unit/PufferRevenueDepositorTest.t.sol b/mainnet-contracts/test/unit/PufferRevenueDepositorTest.t.sol
index 8d63166..6d00f10 100644
--- a/mainnet-contracts/test/unit/PufferRevenueDepositorTest.t.sol
+++ b/mainnet-contracts/test/unit/PufferRevenueDepositorTest.t.sol
@@ -202,4 +202,24 @@ contract PufferRevenueDepositorTest is UnitTestHelper {
         emit IPufferRevenueDepositor.RevenueDeposited(100 ether);
         revenueDepositor.callTargets(targets, data);
     }
+
+    function testRevert_callTargets_InvalidDataLength_EmptyArrays() public {
+        vm.startPrank(OPERATIONS_MULTISIG);
+        
+        address[] memory targets = new address[](0);
+        bytes[] memory data = new bytes[](0);
+
+        vm.expectRevert(IPufferRevenueDepositor.InvalidDataLength.selector);
+        revenueDepositor.callTargets(targets, data);
+    }
+
+    function testRevert_callTargets_InvalidDataLength_MismatchedLengths() public {
+        vm.startPrank(OPERATIONS_MULTISIG);
+        
+        address[] memory targets = new address[](2);
+        bytes[] memory data = new bytes[](1);
+
+        vm.expectRevert(IPufferRevenueDepositor.InvalidDataLength.selector);
+        revenueDepositor.callTargets(targets, data);
+    }
 }

From 50e11b79aa06fad644d88c04eeab19b7e5020f14 Mon Sep 17 00:00:00 2001
From: ksatyarth2 <ksatyarth2@users.noreply.github.com>
Date: Mon, 25 Nov 2024 08:27:51 +0000
Subject: [PATCH 3/3] forge fmt

---
 mainnet-contracts/test/unit/PufferRevenueDepositorTest.t.sol | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/mainnet-contracts/test/unit/PufferRevenueDepositorTest.t.sol b/mainnet-contracts/test/unit/PufferRevenueDepositorTest.t.sol
index 6d00f10..adee8c6 100644
--- a/mainnet-contracts/test/unit/PufferRevenueDepositorTest.t.sol
+++ b/mainnet-contracts/test/unit/PufferRevenueDepositorTest.t.sol
@@ -205,7 +205,7 @@ contract PufferRevenueDepositorTest is UnitTestHelper {
 
     function testRevert_callTargets_InvalidDataLength_EmptyArrays() public {
         vm.startPrank(OPERATIONS_MULTISIG);
-        
+
         address[] memory targets = new address[](0);
         bytes[] memory data = new bytes[](0);
 
@@ -215,7 +215,7 @@ contract PufferRevenueDepositorTest is UnitTestHelper {
 
     function testRevert_callTargets_InvalidDataLength_MismatchedLengths() public {
         vm.startPrank(OPERATIONS_MULTISIG);
-        
+
         address[] memory targets = new address[](2);
         bytes[] memory data = new bytes[](1);