Submission Details
Severity: high
Valid

Reentrancy No ETH

Summary

Detection of the reentrancy bug. Do not report reentrancies that involve Ether (see reentrancy-eth).

Vulnerability Details

Location:

Reentrancy in PuppyRaffle.refund(uint256) (src/PuppyRaffle.sol#96-105):

External calls:

  • address(msg.sender).sendValue(entranceFee) (src/PuppyRaffle.sol#101)

State variables written after the call(s):

  • players[playerIndex] = address(0) (src/PuppyRaffle.sol#103)

PuppyRaffle.players (src/PuppyRaffle.sol#23) can be used in cross function reentrancies:

  • PuppyRaffle.enterRaffle(address[]) (src/PuppyRaffle.sol#79-92)

  • PuppyRaffle.getActivePlayerIndex(address) (src/PuppyRaffle.sol#110-117)

  • PuppyRaffle.players (src/PuppyRaffle.sol#23)

  • PuppyRaffle.refund(uint256) (src/PuppyRaffle.sol#96-105)

  • PuppyRaffle.selectWinner() (src/PuppyRaffle.sol#125-154)

Impact

If the participant's address is a contract, and it has a fallback function that reverts or consumes more than 2300 gas, the refund will fail.

Tools Used

Audit Wizard (Slither)

Recommendations

Apply the checks-effects-interactions pattern in refund(): update players[playerIndex] before making the external sendValue call.
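
The reordering this recommendation asks for, shown as an added example that is not part of the submission and is not the PuppyRaffle source. The contract name, enter() and _send() are hypothetical stand-ins; only the two statements flagged at lines 101 and 103 are modelled, with a low-level call standing in for sendValue.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Constructed stand-in for illustration; not the PuppyRaffle source.
contract RefundOrderingSketch {
    address[] public players;
    uint256 public immutable entranceFee;

    constructor(uint256 fee) {
        entranceFee = fee;
    }

    // Hypothetical single-player entry so the sketch has state to refund.
    function enter() external payable {
        require(msg.value == entranceFee, "wrong fee");
        players.push(msg.sender);
    }

    // Order the detector flagged: the external call runs while
    // players[playerIndex] still holds msg.sender, so any code that
    // re-enters during the call observes the pre-refund state.
    function refundFlaggedOrder(uint256 playerIndex) external {
        require(players[playerIndex] == msg.sender, "not the player"); // check
        _send(msg.sender, entranceFee);                                // interaction
        players[playerIndex] = address(0);                             // effect, written too late
    }

    // Checks-effects-interactions: the slot is cleared before control
    // leaves the contract, so a re-entrant refund fails the check above
    // and the whole transaction reverts.
    function refundCEI(uint256 playerIndex) external {
        require(players[playerIndex] == msg.sender, "not the player"); // check
        players[playerIndex] = address(0);                             // effect
        _send(msg.sender, entranceFee);                                // interaction
    }

    // Stand-in for sendValue: forwards the value with a low-level call
    // and reverts if the recipient rejects it.
    function _send(address to, uint256 amount) private {
        (bool ok, ) = payable(to).call{value: amount}("");
        require(ok, "transfer failed");
    }
}
```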

Updates

Lead Judging Commences

patrickalphac Lead Judge about 2 years ago
Hamiltonite Lead Judge about 2 years ago
Submission Judgement Published
Validated
Assigned finding tags:

reentrancy-in-refund

reentrancy in refund() function
