First Flight #2: Puppy Raffle
First Flight #2
Beginner FriendlyFoundryNFT
100 EXP
View results
Previous Next
Submission Details
Severity: high
Invalid

(H-4) When entering the raffle with same address twice the raffle will be locked up for new entrants

zxarcs

Summary

Raffle can be locked up for new entrants by entering with the same address twice.

Details

enterRaffle function has a hard requirement that two addresses not be the same

for (uint256 i = 0; i < players.length - 1; i++) {
for (uint256 j = i + 1; j < players.length; j++) {
require(players[i] != players[j], "PuppyRaffle: Duplicate player");
}
}

This requirement also means that in any user, malicious or accidental enters the raffle for the second time, no one else will be able to enter the raffle.

This check needs to be performed before the new player is added to the players storage array.

Filename

src/PuppyRaffle.sol

Permalinks

https://github.com/Cyfrin/2023-10-Puppy-Raffle/blob/07399f4d02520a2abf6f462c024842e495ca82e4/src/PuppyRaffle.sol#L88C26-L88C26

Impact

No new players can enter the raffle.

Recommendations

It is recommended to first perform the duplicate check with players storage array and the addresses in the function argument and then do players.push() when no duplicates are found. Instead of aborting the transaction, just do not players.push() the duplicate ones.

Tools Used

  • Manual Audit

  • Foundry

POC

function testStuckRuffleWithDuplicate() public playersEntered {
address attacker = address(101);
vm.deal(attacker, 10 ether);
address[] memory players = new address[](1);
players[0] = attacker;
vm.startPrank(attacker);
puppyRaffle.enterRaffle{value: entranceFee}(players);
vm.expectRevert("PuppyRaffle: Duplicate player");
puppyRaffle.enterRaffle{value: entranceFee}(players);
vm.stopPrank();
}
Updates

Lead Judging Commences

Hamiltonite Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Other

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.