Beginner Friendly | Foundry | 100 EXP
Submission Details
Severity: high
Valid

Anyone can change a person's status in `s_theListCheckedOnce` via `checkList`

Summary

Anyone can change a person's status by calling `checkList`.

Vulnerability Details

`checkList` has no access control: it is an externally callable function with no caller check, so any address (not just Santa) can call it and write the status of any person into `s_theListCheckedOnce`.

Impact

Any caller can manipulate the `s_theListCheckedOnce` mapping and set an arbitrary address's status (for example, mark themselves NICE), which defeats the purpose of the list.

Proof of concept (Foundry test):

```solidity
// PoC (Foundry): an arbitrary non-Santa address sets its own status to NICE.
function testCheckListIsCallableByAnyone() public {
    vm.prank(user); // `user` is not Santa
    santasList.checkList(user, SantasList.Status.NICE);
    // The write succeeded: `user` is now recorded as NICE in s_theListCheckedOnce
    assertEq(uint256(santasList.getNaughtyOrNiceOnce(user)), uint256(SantasList.Status.NICE));
}
```

Traces:

```text
[PASS] testCheckListIsCallableByAnyone() (gas: 15913)
Traces:
  [15913] Codehawk::testCheckListIsCallableByAnyone()
    ├─ [0] VM::prank(user: [0x6CA6d1e2D5347Bfab1d91e883F1915560e09129D])
    │   └─ ← ()
    ├─ [4211] SantasList::checkList(user: [0x6CA6d1e2D5347Bfab1d91e883F1915560e09129D], 0)
    │   ├─ emit CheckedOnce(person: user: [0x6CA6d1e2D5347Bfab1d91e883F1915560e09129D], status: 0)
    │   └─ ← ()
    ├─ [690] SantasList::getNaughtyOrNiceOnce(user: [0x6CA6d1e2D5347Bfab1d91e883F1915560e09129D]) [staticcall]
    │   └─ ← 0
    └─ ← ()

Test result: ok. 1 passed; 0 failed; 0 skipped; finished in 1.83ms
Ran 1 test suites: 1 tests passed, 0 failed, 0 skipped (1 total tests)
```

Tools Used

Manual review, Foundry

Recommendations

Add the `onlySanta` modifier to `checkList` so that only Santa can set a person's status, and add a test asserting that a call from any other address reverts.

Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Access Control on checkList()

Anyone is able to call checkList() changing the status of a provided address. This is not intended functionality and is meant to be callable by only Santa.
