First Flight #2: Puppy Raffle
First Flight #2
Beginner FriendlyFoundryNFT
100 EXP
View results
Previous Next
Submission Details
Severity: low
Valid

`getActivePlayerIndex` returns 0 index for non active players

AnouarBF

Summary

getActivePlayerIndex returns 0 index for non active players

Vulnerability Details

getActivePlayerIndex function returns 0 if the player not found in the players array. But in case the player is active and his index is 0 the function will return 0 as well

Impact

This could make a confusion for players if they are active or their index is 0.

Tools Used

manual review

Recommendations

It will be better to use modify the _isActivePlayer to take an address as argument and return a boolean value representing the activity of the player. Then use it as a checking statement in the getActivePlayerIndex function before iterating through the players array like so :

// Here we removed the "return 0" statement because the player is already active in case the first condition is valid
function getActivePlayerIndex(address player)
external
view
returns (uint256)
{
require(_isActivePlayer(player), "Should be an active player!");
for (uint256 i = 0; i < players.length; i++) {
if (players[i] == player) {
return i;
}
}
}
// We pass the player address to this internal function to check if the player is active, and return true in case he is.
function _isActivePlayer(address _player) internal view returns (bool) {
for (uint256 i = 0; i < players.length; i++) {
if (players[i] == _player) {
return true;
}
}
return false;
}
Updates

Lead Judging Commences

Hamiltonite Lead Judge about 2 years ago
Submission Judgement Published
Validated
Assigned finding tags:

getActivePlayerIndex can say a player is both entered at slot 0 and inactive

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!