Submission Details
Severity: low
Valid

getActivePlayerIndex does not return accurately for players[0]

Summary

The 'PuppyRaffle::getActivePlayerIndex' function does not return an accurate value for the address in the first slot of the players array, players[0].

Vulnerability Details

Because getActivePlayerIndex returns 0 when the player is not found, a return value of 0 is ambiguous: the caller cannot tell whether the player is in slot 0 of the array or has refunded and exited the raffle.

    function getActivePlayerIndex(address player) external view returns (uint256) {
        for (uint256 i = 0; i < players.length; i++) {
            if (players[i] == player) {
                return i;
            }
        }
@>      return 0;
    }

Impact

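This test passes even though playerOne has refunded and exited the raffle: getActivePlayerIndex still returns 0 for playerOne, the same value it returned while playerOne was in slot 0.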

    function testGetActivePlayerIndexZero() public {
        address[] memory players = new address[](2);
        players[0] = playerOne;
        players[1] = playerTwo;
        puppyRaffle.enterRaffle{value: entranceFee * 2}(players);
        uint256 indexOfPlayerOne = puppyRaffle.getActivePlayerIndex(playerOne);
        vm.prank(playerOne);
        puppyRaffle.refund(indexOfPlayerOne);
        assertEq(puppyRaffle.getActivePlayerIndex(playerOne), 0);
        assertEq(puppyRaffle.getActivePlayerIndex(playerTwo), 1);
    }

[PASS] testGetActivePlayerIndexZero() (gas: 116564)
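
The ambiguity in isolation, as an added example that is not code from PuppyRaffle or from this submission: a minimal model of the lookup beside a getter that reports "found" separately from the index. PlayerIndexModel, findActivePlayer, AmbiguityDemo and the 0xBEEF address are hypothetical names and values, and the model assumes a refund blanks the caller's slot.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration: a minimal model of the lookup, not the PuppyRaffle contract.
contract PlayerIndexModel {
    address[] public players;

    function enter(address player) external {
        players.push(player);
    }

    // Assumption: a refund blanks the caller's slot, so a later search misses it.
    function refund(uint256 index) external {
        require(players[index] == msg.sender, "not your slot");
        players[index] = address(0);
    }

    // Same shape as the function in the finding: 0 means both "slot 0" and "not found".
    function getActivePlayerIndex(address player) external view returns (uint256) {
        for (uint256 i = 0; i < players.length; i++) {
            if (players[i] == player) return i;
        }
        return 0;
    }

    // Hypothetical alternative: a separate flag answers "is this player active?",
    // so no index value has to double as a sentinel.
    function findActivePlayer(address player) external view returns (bool found, uint256 index) {
        for (uint256 i = 0; i < players.length; i++) {
            if (players[i] == player) return (true, i);
        }
        return (false, 0);
    }
}

// Hypothetical driver: enters as slot 0, refunds, then queries both getters.
contract AmbiguityDemo {
    function run() external returns (uint256 legacyIndex, bool found) {
        PlayerIndexModel model = new PlayerIndexModel();
        model.enter(address(this));   // slot 0
        model.enter(address(0xBEEF)); // slot 1, constructed address
        model.refund(model.getActivePlayerIndex(address(this)));
        legacyIndex = model.getActivePlayerIndex(address(this));
        (found, ) = model.findActivePlayer(address(this));
        assert(legacyIndex == 0); // indistinguishable from "still in slot 0"
        assert(!found);           // unambiguous: no longer an active player
    }
}
```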

Tools Used

- Foundry

Recommendations

Return a different value when the player is not found in the array, for example a very unlikely number.

function getActivePlayerIndex(address player) external view returns (uint256) {
for (uint256 i = 0; i < players.length; i++) {
if (players[i] == player) {
return i;
}
}
- return 0;
+ return 999;
}
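
Review bot: the sentinel on the `+ return 999;` line is still a reachable index. Once `players.length` exceeds 999, a player stored in slot 999 gets the same return value as an address that is not found, which is the ambiguity the removed `return 0;` had, only moved to a different slot. Suggest a value the loop can never return, such as `type(uint256).max` (the loop index is always below `players.length`), or reverting when the player is not found, and documenting the not-found behaviour in the function's comment so callers check for it before passing the result to `refund`.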
Updates

Lead Judging Commences

Hamiltonite Lead Judge about 2 years ago
Submission Judgement Published
Validated
Assigned finding tags:

getActivePlayerIndex can say a player is both entered at slot 0 and inactive
