Submission Details
Severity: low
Invalid

Function inputs and parameters lack sanity checks, e.g. amount != 0

Summary

Critical variables, inputs and parameters are not sanity checked to ensure they are non-zero or within reasonable bounds.

Vulnerability Details

constructor(uint256 _entranceFee, address _feeAddress, uint256 _raffleDuration) ERC721("Puppy Raffle", "PR") {
entranceFee = _entranceFee;

Values passed to the constructor and/or functions, such as uint256 _entranceFee and _raffleDuration, are not sanity checked to ensure they are non-zero or, better still, bounded within reasonable margins (e.g. minimum and maximum values).
If the duration is too low (e.g. 20 seconds passed in by error) or too long, the raffle will have a bad reputation.

Impact

If, for example, the fee in the constructor is passed in as 0 by error, the contract will not earn any income.
If the fee is set too high by error, no one will enter the raffle, making the contract useless with no fees generated.

Tools Used

Manual Analysis

Recommendations

It is recommended to ensure that input values and critical variables are within reasonable bounds.
Ensure entranceFee != 0 or, better still, ensure it is bounded within reasonable levels.
For example, in the constructor apply:

// Check the constructor arguments themselves, before they are stored
require(_entranceFee > minValue && _entranceFee < maxValue);
require(_raffleDuration > minValueTime && _raffleDuration < maxValueDuration);
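
A fuller form of the recommended check, as an added example that is not part of the original submission or the audited contract. The contract name, the bound constants and their values, and the custom errors are all hypothetical, and the example assumes Solidity 0.8.4 or later for custom errors.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

/// Added example: constructor-time bounds checks for raffle parameters.
/// Names and bound values are hypothetical; choose them per deployment.
contract BoundedRaffleConfig {
    // Hypothetical bounds (assumptions, not taken from the audited contract).
    uint256 public constant MIN_ENTRANCE_FEE = 0.001 ether;
    uint256 public constant MAX_ENTRANCE_FEE = 10 ether;
    uint256 public constant MIN_RAFFLE_DURATION = 1 hours;
    uint256 public constant MAX_RAFFLE_DURATION = 30 days;

    // Errors carry the rejected value and the allowed range, so a failed
    // deployment explains itself in the revert data.
    error EntranceFeeOutOfBounds(uint256 given, uint256 min, uint256 max);
    error RaffleDurationOutOfBounds(uint256 given, uint256 min, uint256 max);

    // Immutable: once validated at deployment, the values cannot drift.
    uint256 public immutable entranceFee;
    uint256 public immutable raffleDuration;

    constructor(uint256 _entranceFee, uint256 _raffleDuration) {
        // A non-zero lower bound also rejects a fee of 0 passed by mistake.
        if (_entranceFee < MIN_ENTRANCE_FEE || _entranceFee > MAX_ENTRANCE_FEE) {
            revert EntranceFeeOutOfBounds(_entranceFee, MIN_ENTRANCE_FEE, MAX_ENTRANCE_FEE);
        }
        // Rejects both a 20-second raffle and one that effectively never ends.
        if (_raffleDuration < MIN_RAFFLE_DURATION || _raffleDuration > MAX_RAFFLE_DURATION) {
            revert RaffleDurationOutOfBounds(_raffleDuration, MIN_RAFFLE_DURATION, MAX_RAFFLE_DURATION);
        }
        entranceFee = _entranceFee;
        raffleDuration = _raffleDuration;
    }
}
```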

Updates

Lead Judging Commences

Hamiltonite Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: User input validation
