First Flight #2: Puppy Raffle
First Flight #2
Beginner FriendlyFoundryNFT
100 EXP
View results
Previous Next
Submission Details
Severity: low
Invalid

`_isActivePlayer()` function is `Internal` function. So, `Players can't call this function` to check whether they are active or not.

naman1729

Summary

  • _isActivePlayer() function is internal function and not visible to players. This internal function only use inside the contract. Because of this, Players can't call this function to check whether they are active or not. So, On changing the visibility of the function to public, Players can call this function to check whether they are active or not.

Vulnerability Details

/// @notice this function will return true if the msg.sender is an active player
@> function _isActivePlayer() internal view returns (bool) {
for (uint256 i = 0; i < players.length; i++) {
if (players[i] == msg.sender) {
return true;
}
}
return false;
}

  • The _isActivePlayer() function is an internal function. So, Players can't call this function to check whether they are active or not.

Impact

  • Players can't call this function to check whether they are active or not.

Tools Used

  • Manual Review

Recommendations

/// @notice this function will return true if the msg.sender is an active player
- function _isActivePlayer() internal view returns (bool) {
+ function _isActivePlayer() public view returns (bool) {
for (uint256 i = 0; i < players.length; i++) {
if (players[i] == msg.sender) {
return true;
}
}
return false;
}

  • Change the visibility of the function to public so that players can call this function to check whether they are active or not.

Updates

Lead Judging Commences

Hamiltonite Lead Judge about 2 years ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!