Submission Details
Severity: medium
Valid

The `selectWinner()` function will revert if the winner is address(0) or a smart contract address without an ERC721Received implementation

Summary

The selectWinner() function will revert if the winner is address(0) or a smart contract address without an ERC721Received implementation.

Vulnerability Details

If the winner is a smart contract address without an ERC721Received implementation, the _safeMint() function will revert. If someone has refunded and the winner is address(0), _safeMint() will revert as well. In both cases the selectWinner() function reverts, which wastes gas.

Impact

The selectWinner() function will revert. If all players are smart contract addresses without an ERC721Received implementation, the selectWinner() function will freeze.

Tools Used

manual
foundry

POC

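```solidity
function testSelectWinnerFailWhenWinnerIsZeroAddress() public playersEntered {
    // playerFour refunds, which leaves address(0) in their slot of the players array
    vm.startPrank(playerFour);
    uint256 playerIndex = puppyRaffle.getActivePlayerIndex(playerFour);
    puppyRaffle.refund(playerIndex);
    vm.stopPrank();

    // Move past the raffle duration so selectWinner() can be called
    vm.warp(block.timestamp + duration + 1);
    vm.roll(block.number + 1);
    assertEq(puppyRaffle.players(3), address(0));

    // Set the raffle balance to four entrance fees, then expect the draw to revert
    vm.deal(address(puppyRaffle), entranceFee * 4);
    vm.expectRevert();
    puppyRaffle.selectWinner();
}
```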

Recommendations

Check whether the player is an EOA or a smart contract address with an ERC721Received implementation.
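
One way to implement the recommended check, as an added example that is not part of the submission or of PuppyRaffle's code. The library name `RecipientCheck` and the function `canReceiveNFT` are hypothetical; `onERC721Received` is the ERC-721 receiver hook that `_safeMint()` calls on contract recipients.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.1;

// Added example. RecipientCheck and canReceiveNFT are hypothetical names.
interface IERC721Receiver {
    function onERC721Received(address operator, address from, uint256 tokenId, bytes calldata data)
        external
        returns (bytes4);
}

library RecipientCheck {
    /// Returns true when minting `tokenId` to `to` with _safeMint() is not
    /// expected to revert on the recipient side.
    function canReceiveNFT(address to, uint256 tokenId) internal returns (bool) {
        // A refunded slot holds address(0); minting to it always reverts.
        if (to == address(0)) return false;

        // No code at the address: treated as an EOA, which _safeMint() accepts
        // without calling the receiver hook.
        if (to.code.length == 0) return true;

        // Contract recipient: probe the hook with a low-level call so that a
        // missing function, a revert, or malformed return data yields false
        // instead of reverting this check.
        bytes4 magic = IERC721Receiver.onERC721Received.selector;
        (bool ok, bytes memory ret) = to.call(
            abi.encodeWithSelector(magic, msg.sender, address(0), tokenId, bytes(""))
        );
        if (!ok || ret.length != 32) return false;

        // Compare the whole 32-byte word so dirty padding is rejected rather
        // than causing a decode revert.
        return abi.decode(ret, (bytes32)) == bytes32(magic);
    }
}
```

The result is a snapshot: a contract can answer differently later, so the check is most useful when run immediately before the mint, with a `false` result handled instead of calling `_safeMint()`.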

Updates

Lead Judging Commences

patrickalphac Lead Judge about 2 years ago
Submission Judgement Published
Validated
Assigned finding tags:

smart contract wallet without fallback/receive will halt the raffle
