Beginner Friendly, Foundry
100 EXP
Submission Details
Severity: high
Valid

Anyone can set a new password

Summary

Anyone is able to set the password, since there is no access control check in place on `setPassword`.

Vulnerability Details

According to its NatSpec comment, this function is meant to allow only the owner to set a new password:

/*
 * @notice This function allows only the owner to set a new password.
 * @param newPassword The new password to set.
 */
function setPassword(string memory newPassword) external {
    s_password = newPassword;
    emit SetNetPassword();
}

Since the function is external and performs no check on `msg.sender`, any address can call `setPassword` and overwrite the stored value. PoC (Foundry test) as below:

function test_non_owner_set_password() public {
    // Impersonate an arbitrary non-owner address for the following calls.
    vm.startPrank(address(1));

    string memory expectedPassword = "InsecurePassword2";
    passwordStore.setPassword(expectedPassword); // succeeds: no owner check
    vm.stopPrank(); // end the persistent prank before switching caller

    // Read back as the owner and confirm the attacker's value was stored.
    vm.prank(owner);
    string memory actualPassword = passwordStore.getPassword();
    assertEq(actualPassword, expectedPassword);
}
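As an added example that is not part of the original submission or the project's source: a Foundry test file that pairs an assumed minimal reconstruction of PasswordStore, with the owner check from the recommendation applied, against two tests, the regression case for the PoC above (the non-owner call must now revert) and the intended owner path.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18;

import {Test} from "forge-std/Test.sol";

// Assumed minimal reconstruction of the audited contract (not the project's
// source), with the owner check from the recommendation applied.
contract PasswordStore {
    error PasswordStore__NotOwner();
    event SetNetPassword();
    address private s_owner;
    string private s_password;
    constructor() { s_owner = msg.sender; }

    function setPassword(string memory newPassword) external {
        // The fix: reject every caller other than the deployer.
        if (msg.sender != s_owner) revert PasswordStore__NotOwner();
        s_password = newPassword;
        emit SetNetPassword();
    }
    function getPassword() external view returns (string memory) {
        if (msg.sender != s_owner) revert PasswordStore__NotOwner();
        return s_password;
    }
}

contract PasswordStoreAccessTest is Test {
    PasswordStore internal passwordStore;
    address internal owner = address(0xA11CE); // constructed test addresses
    address internal attacker = address(1);

    function setUp() public {
        vm.prank(owner);
        passwordStore = new PasswordStore();
    }

    // Regression test for the finding: the PoC call path must now revert.
    function test_non_owner_cannot_set_password() public {
        vm.prank(attacker);
        vm.expectRevert(PasswordStore.PasswordStore__NotOwner.selector);
        passwordStore.setPassword("InsecurePassword2");
    }

    // The intended owner path keeps working after the fix.
    function test_owner_can_set_password() public {
        vm.startPrank(owner);
        passwordStore.setPassword("OwnerPassword");
        assertEq(passwordStore.getPassword(), "OwnerPassword");
        vm.stopPrank();
    }
}
```

Run with `forge test` in a project that has forge-std installed; both tests should pass against the fixed contract, and the first one fails against the original unchecked `setPassword`.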

Impact

Anyone could rewrite the owner's password.

Tools Used

Foundry and manual inspection.

Recommendations

Add an access control check so that only the owner can call `setPassword`:

function setPassword(string memory newPassword) external {
+ if (msg.sender != s_owner) {
+ revert PasswordStore__NotOwner();
+ }
s_password = newPassword;
emit SetNetPassword();
}
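Review bot: the added check references a state variable `s_owner` and a custom error `PasswordStore__NotOwner`, neither of which appears in the excerpt; confirm both are declared in the contract, otherwise this patch will not compile. The PoC test above should also be rewritten to expect this revert (`vm.expectRevert(PasswordStore__NotOwner.selector)` before the non-owner call) so it serves as a regression test instead of asserting the insecure behaviour.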

Updates

Lead Judging Commences

inallhonesty Lead Judge
about 2 years ago
Submission Judgement Published
Validated
Assigned finding tags:

finding-lacking-access-control

Anyone can call `setPassword` and set a new password contrary to the intended purpose.
