First Flight #7: Horse Store
First Flight #7
Beginner FriendlyFoundryNFT
100 EXP
View results
Previous Next
Submission Details
Severity: high
Valid

Certain block.timestamps will cause 'HorseStore.huff::FEED_HORSE' to revert

coffee

Summary

In the 'HorseStore.huff::FEED_HORSE' function, if the current block.timestamp is divisible by 17, then the function will revert.

Vulnerability Details

In the 'HorseStore.huff::FEED_HORSE' function there are the following lines:

0x11 timestamp mod
endFeed jumpi
revert
endFeed:
stop

If the timestamp mod 17 does not give a remainder -> then it will not jump to endFeed, instead the function will revert. This means that when FEED_HORSE is called, and the current timestamp is divisible by 17, then the function will revert.

Impact

The below test will fail because the timestamp 102000 is divisible by 17.

function testHuffFEED_HORSEWillFailIfTimeIsDivisibleBy17() public {
uint256 horseId = horseStore.totalSupply();
vm.warp(102000);
vm.roll(86400);
vm.prank(user);
horseStore.mintHorse();
horseStore.feedHorse(horseId);
assertEq(horseStore.isHappyHorse(horseId), true);
}

Tools Used

--Foundry

Recommendations

It is recommended to remove the mod and revert lines as they are not necessary.

#define macro FEED_HORSE() = takes (0) returns (0) {
timestamp // [timestamp]
0x04 calldataload // [horseId, timestamp]
STORE_ELEMENT(0x00) // []
// End execution
- 0x11 timestamp mod
- endFeed jumpi
- revert
- endFeed:
stop
}
Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

FEED_HORSE() macro does not allow users to feed a horse if the timestamp is divisible by 17

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.