fix: [QS-12] prevent setting bad time ranges

[howydev]

No description provided.

[octane-security-app-dev]

Summary by Octane

New Contracts

No new contracts were added in this PR.

Updated Contracts

• TimeRangeModule.sol: Implemented validation to ensure validUntil is greater than validAfter in setTimeRange function.

---

🔗 Commit Hash: 6edbf70

[github-actions]

Contract sizes:

| Contract                      | Runtime Size (B) | Initcode Size (B) | Runtime Margin (B) | Initcode Margin (B) |
|-------------------------------|------------------|-------------------|--------------------|---------------------|
| AccountFactory                |            5,921 |             6,386 |             18,655 |              42,766 |
| AllowlistModule               |            9,553 |             9,580 |             15,023 |              39,572 |
| ExecutionInstallDelegate      |            5,714 |             5,760 |             18,862 |              43,392 |
| ModularAccount                |           21,975 |            28,804 |              2,601 |              20,348 |
| NativeFunctionDelegate        |              560 |               587 |             24,016 |              48,565 |
| NativeTokenLimitModule        |            4,449 |             4,476 |             20,127 |              44,676 |
| PaymasterGuardModule          |            1,845 |             1,872 |             22,731 |              47,280 |
| SemiModularAccountBytecode    |           23,358 |            30,187 |              1,218 |              18,965 |
| SemiModularAccountStorageOnly |           23,852 |            30,681 |                724 |              18,471 |
| SingleSignerValidationModule  |            3,646 |             3,673 |             20,930 |              45,479 |
| TimeRangeModule               |            2,003 |             2,030 |             22,573 |              47,122 |
| WebAuthnValidationModule      |            7,854 |             7,881 |             16,722 |              41,271 |

Code coverage:

File	% Lines	% Statements	% Branches	% Funcs
src/account/AccountBase.sol	100.00% (8/8)	100.00% (7/7)	100.00% (2/2)	100.00% (4/4)
src/account/AccountStorageInitializable.sol	100.00% (19/19)	100.00% (26/26)	100.00% (5/5)	100.00% (2/2)
src/account/ModularAccount.sol	100.00% (2/2)	100.00% (2/2)	100.00% (0/0)	100.00% (2/2)
src/account/ModularAccountBase.sol	98.99% (294/297)	96.30% (364/378)	77.59% (45/58)	97.30% (36/37)
src/account/ModularAccountView.sol	100.00% (24/24)	100.00% (28/28)	100.00% (2/2)	100.00% (4/4)
src/account/ModuleManagerInternals.sol	95.08% (58/61)	96.20% (76/79)	62.50% (5/8)	100.00% (3/3)
src/account/SemiModularAccountBase.sol	89.06% (57/64)	92.31% (84/91)	68.75% (11/16)	100.00% (15/15)
src/account/SemiModularAccountBytecode.sol	100.00% (6/6)	100.00% (7/7)	100.00% (1/1)	100.00% (2/2)
src/account/SemiModularAccountStorageOnly.sol	80.00% (4/5)	83.33% (5/6)	100.00% (0/0)	50.00% (1/2)
src/account/TokenReceiver.sol	33.33% (1/3)	33.33% (1/3)	100.00% (0/0)	33.33% (1/3)
src/factory/AccountFactory.sol	75.56% (34/45)	80.33% (49/61)	50.00% (3/6)	60.00% (9/15)
src/helpers/ExecutionInstallDelegate.sol	92.59% (50/54)	92.96% (66/71)	40.00% (2/5)	100.00% (7/7)
src/helpers/NativeFunctionDelegate.sol	100.00% (22/22)	100.00% (42/42)	100.00% (0/0)	100.00% (1/1)
src/libraries/ExecutionLib.sol	99.64% (276/277)	98.89% (268/271)	90.91% (30/33)	100.00% (24/24)
src/libraries/KnownSelectorsLib.sol	100.00% (16/16)	100.00% (34/34)	100.00% (0/0)	100.00% (2/2)
src/libraries/LinkedListSetLib.sol	94.00% (47/50)	96.25% (77/80)	66.67% (4/6)	100.00% (8/8)
src/libraries/MemManagementLib.sol	100.00% (54/54)	100.00% (70/70)	100.00% (0/0)	100.00% (12/12)
src/libraries/ModuleInstallCommonsLib.sol	57.14% (8/14)	42.11% (8/19)	75.00% (3/4)	100.00% (3/3)
src/modules/ModuleBase.sol	100.00% (13/13)	94.12% (16/17)	100.00% (2/2)	100.00% (3/3)
src/modules/permissions/AllowlistModule.sol	86.05% (74/86)	85.71% (96/112)	78.26% (18/23)	50.00% (9/18)
src/modules/permissions/NativeTokenLimitModule.sol	90.91% (40/44)	93.22% (55/59)	100.00% (13/13)	66.67% (8/12)
src/modules/permissions/PaymasterGuardModule.sol	83.33% (10/12)	82.35% (14/17)	66.67% (2/3)	71.43% (5/7)
src/modules/permissions/TimeRangeModule.sol	85.71% (12/14)	81.82% (18/22)	100.00% (2/2)	87.50% (7/8)
src/modules/validation/SingleSignerValidationModule.sol	92.00% (23/25)	81.58% (31/38)	62.50% (5/8)	90.00% (9/10)
src/modules/validation/WebAuthnValidationModule.sol	61.11% (11/18)	66.67% (18/27)	100.00% (3/3)	60.00% (6/10)
Total	94.32% (1163/1233)	93.30% (1462/1567)	79.00% (158/200)	85.51% (183/214)

[octane-security-app-dev]

Overview

Vulnerabilities found:	1

Detailed findings

src/modules/permissions/TimeRangeModule.sol

• Review potential Missing Access Control issue that is exposed in the onInstall function

---

🔗 Commit Hash: 6edbf70
🛡️ Octane Dashboard: All vulnerabilities