Submission Details
Severity:
`HorseStore::FEED_HORSE` might revert due to irrelevant modulo arithmetic assertion
Description: The HorseStore::FEED_HORSE function contains a modulo 17 conditional check that can cause the function to revert depending
on the block.timestamp
#define macro FEED_HORSE() = takes (0) returns (0) {
timestamp // [timestamp]
0x04 calldataload // [horseId, timestamp]
STORE_ELEMENT(0x00) // []
// End execution
@> 0x11 timestamp mod // [timestamp % 17]
@> endFeed jumpi // feeding the horse should not revert under any case
revert
endFeed:
stop
}
Impact: High, the HorseStore::FEED_HORSE function should not revert under any circumstance
Proof 0f Code:
Code
add test to HorseStoreHuff.t.sol function test_feedHorseFail(uint timestamp) public {
vm.assume((timestamp % 17) == 0);
vm.warp(timestamp);
uint256 horseId = horseStore.totalSupply();
vm.prank(user);
horseStore.mintHorse();
vm.expectRevert();
horseStore.feedHorse(horseId);
}
Recommendation:
#define macro FEED_HORSE() = takes (0) returns (0) {
timestamp // [timestamp]
0x04 calldataload // [horseId, timestamp]
STORE_ELEMENT(0x00) // []
// End execution
- 0x11 timestamp mod //? [timestamp % 17] why
- endFeed jumpi //? feeding the horse should not revert for any reason
- revert
- endFeed:
stop
}
Updates
Lead Judging Commences
inallhonesty over 1 year ago
Submission Judgement Published Assigned finding tags:
FEED_HORSE() macro does not allow users to feed a horse if the timestamp is divisible by 17
Rewards breakdown
nSLOC
460This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.