First Flight #5: Santa's List

First Flight #5

Beginner FriendlyFoundry

100 EXP

View results

Previous Next

Submission Details

Severity: medium

Invalid

Santalist.buyPresent's comment does not match the code.

Jaydhales

Summary

Santalist.buyPresent comment does not match the code.

Vulnerability Details

The comment says that the caller can buy a present for someone else (presentReceiver). But the code allows the user to buy present for himself
by burning the presentReceiver token.
Also, according to the comment, the function can only be called by someone who is naughty. But there is no check for that.

Impact

Mislead users.

Tools Used

Manual review.

Recommendations

Rewrite the comment to match the code.

Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago

Submission Judgement Published

Invalidated

Reason: Design choice

Rewards breakdown

nSLOC

116

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.