Vulnerable File: packages/circuits/src/lib/Card.circom
commit: d32b6982536ca217d4255b14e449e3859764c600
lastIndex is not constrained to [0, size-1]. If it’s out of range, no isEqualToLastIndex[i] will be 1, lastCard becomes 0, and no slot is set to 255, violating the intended semantics.
selectedIndex is not constrained to [0, lastIndex] (or even [0, size-1]). If it’s out of range, selectedCardAccumulator stays 0, so selectedCard = 0, and the “selected card” need not come from cardList at all.
No bound on divisor either, so the division/modulus relation is not properly enforced.
This may cause possible security issues.
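The behaviour described in the report can be reproduced outside the circuit with a small model of the one-hot selector. This is an added example, not the project's Circom code: the function names are hypothetical, the BN254 field modulus is an assumption (circom's default), and only the accumulator pattern, the 255 marker and the two missing bounds are taken from the report.

```python
# Added model (not the project's circuit): a one-hot selector over a prime field.
# Assumption: BN254 scalar field, circom's default; function names are hypothetical.
P = 21888242871839275222246405745257275088548364400416034343698204186575808495617
EMPTY = 255  # marker the report says is written at lastIndex

def one_hot(size, index):
    """flags[i] = 1 iff i == index in the field, like one IsEqual per slot."""
    return [1 if (i - index) % P == 0 else 0 for i in range(size)]

def accumulate(card_list, flags):
    """Sum of flag * card, the accumulator pattern described in the report."""
    return sum(f * c for f, c in zip(flags, card_list)) % P

def draw_unchecked(card_list, selected_index, last_index):
    """Selection with no range constraints on either index."""
    size = len(card_list)
    is_last = one_hot(size, last_index)
    selected_card = accumulate(card_list, one_hot(size, selected_index))
    last_card = accumulate(card_list, is_last)
    new_list = [EMPTY if f else c for f, c in zip(is_last, card_list)]
    return selected_card, last_card, new_list

def draw_checked(card_list, selected_index, last_index):
    """Same selection, with the two missing bounds enforced first.

    In a circuit each bound would be a range-check constraint (for example a
    bit decomposition plus comparator); here a violated bound raises, which
    models an unsatisfiable witness.
    """
    size = len(card_list)
    if not 0 <= last_index < size:
        raise ValueError("lastIndex outside [0, size-1]")
    if not 0 <= selected_index <= last_index:
        raise ValueError("selectedIndex outside [0, lastIndex]")
    return draw_unchecked(card_list, selected_index, last_index)

if __name__ == "__main__":
    cards = [10, 11, 12, 13]  # constructed sample deck
    print(draw_unchecked(cards, 1, 3))  # in range
    print(draw_unchecked(cards, 9, 7))  # out of range: silently all zero
    for args in [(1, 3), (9, 7), (3, 2)]:
        try:
            print(draw_checked(cards, *args))
        except ValueError as e:
            print("rejected:", e)
```

With out-of-range indices the unchecked version returns zero for both cards and leaves the list untouched, which is the semantic violation the report describes; the checked version rejects the same inputs.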