Missing Validation in HorseStore.sol::feedHorse Function
Summary
The feedHorse function currently lacks a critical check to confirm the existence of the horse with the provided horseId. This omission introduces a vulnerability, allowing users to feed non-existent horses, leading to wasted gas fees and potential inaccuracies in the application state.
Vulnerability Details
The vulnerable feedHorse function is as follows:
Impact
The absence of a validation check in the feedHorse function permits users to feed horses that may not actually exist in the system. Consequently, gas fees are consumed for non-existent actions, and the feeding timestamp is updated inaccurately in the horseIdToFedTimeStamp mapping.
Tools Used
The vulnerability was discovered through manual review and foundry fuzz test, I wrote a fuzz test which attempts to feed a non-existent horse and subsequently checks if the system incorrectly registers the non-existent horse as "happy.
To run the test and confirm the vulnerability, the block of code below should be added to the Base_test.t.sol file:
then run the test file
Recommendations
To address this vulnerability, it is crucial to enhance the feedHorse function by incorporating a validation check. Consider modifying the function as follows:
The added require statement ensures that the horse with the given horseId exists before proceeding with the feeding operation. The horseExists function should be designed to verify the existence of the specified horse in the system.
Lead Judging Commences
Nonexistent horses can be fed
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.