Severity: high
Valid

`HorseStore.huff::FEED_HORSE` macro doesn't allow users to feed horse if the timestamp is divisible by 17

Summary

The protocol states that horses must be able to be fed at all times, but the `FEED_HORSE` macro in the Huff contract doesn't allow the user to feed a horse if the timestamp is divisible by 17.

Vulnerability Details

The vulnerability lies in the `FEED_HORSE` macro of the `HorseStore.huff` contract: it reverts if the timestamp is divisible by 17, so the user cannot feed the horse at all times.

```
@>  0x11 timestamp mod
    endFeed jumpi
    revert
    endFeed:
    stop
```

Here it takes the modulo of the timestamp with `0x11`, which equals 17 in decimal.
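The control flow of those instructions, traced with a simplified Python stack model. This is an added example, not part of the original submission or the project's code; the function names and the sample timestamp are assumptions, and the operands of `revert` are not modelled.

```python
"""Simplified stack model of the tail of FEED_HORSE (added example, not project code)."""

# The instruction sequence quoted in the finding, in execution order.
TAIL = ["0x11", "timestamp", "mod", "endFeed", "jumpi", "revert", "endFeed:", "stop"]
# The same tail after the check is removed (hypothetical name).
FIXED_TAIL = ["stop"]


def run_feed_tail(block_timestamp, program=TAIL):
    """Execute the sequence for one block timestamp; return 'stop' or 'revert'."""
    labels = {tok[:-1]: i for i, tok in enumerate(program) if tok.endswith(":")}
    stack, pc = [], 0
    while pc < len(program):
        tok = program[pc]
        pc += 1
        if tok.endswith(":"):            # jump destination marker, no effect
            continue
        if tok.startswith("0x"):         # literal push
            stack.append(int(tok, 16))
        elif tok == "timestamp":         # TIMESTAMP pushes block.timestamp
            stack.append(block_timestamp)
        elif tok == "mod":               # MOD: top of stack is the dividend
            a, b = stack.pop(), stack.pop()
            stack.append(a % b if b else 0)
        elif tok in labels:              # label reference pushes its position
            stack.append(labels[tok])
        elif tok == "jumpi":             # JUMPI: jump only when the condition is non-zero
            dest, cond = stack.pop(), stack.pop()
            if cond != 0:
                pc = dest
        elif tok in ("revert", "stop"):  # halting opcodes; operands not modelled
            return tok
    return "stop"


def blocked_timestamps(start, count, program=TAIL):
    """Timestamps in [start, start + count) at which the feed call reverts."""
    return [t for t in range(start, start + count)
            if run_feed_tail(t, program) == "revert"]


if __name__ == "__main__":
    start = 1_700_000_000  # constructed sample timestamp (a multiple of 17)
    print("blocked with check:   ", blocked_timestamps(start, 34))
    print("blocked without check:", blocked_timestamps(start, 34, FIXED_TAIL))
```

The remainder is non-zero for 16 of every 17 timestamps, so `jumpi` skips `revert`; only a zero remainder falls through to it.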

Impact

The user will not be able to feed the horse if the timestamp is divisible by 17.

PoC

Add the test to the file `test/HorseStoreHuff.t.sol`:

```solidity
function test_feedHorse(uint64 _timestamp) public {
    uint256 horseId = horseStore.totalSupply();
    vm.prank(user);
    horseStore.mintHorse();
    // Warp to a timestamp that is a multiple of 17
    vm.warp(uint256(17) * _timestamp);
    vm.expectRevert();
    horseStore.feedHorse(horseId);
}
```

Run the test:

```
forge test --mt test_feedHorse
```

Tools Used

Manual Review

Recommendations

Neigghhhh at the lines that cause the revert:

#define macro FEED_HORSE() = takes (0) returns (0) {
timestamp // [timestamp]
0x04 calldataload // [horseId, timestamp]
STORE_ELEMENT(0x00) // []
// End execution
- 0x11 timestamp mod
- endFeed jumpi
- revert
- endFeed:
stop
}
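Review bot: with the lines from `- 0x11 timestamp mod` through `- endFeed:` removed, nothing in this change pins the new behaviour, and the PoC test `test_feedHorse` still ends in `vm.expectRevert()`, so it will start failing once the patch is applied. Turn it into a regression test instead: keep the `vm.warp(uint256(17) * _timestamp)` line, drop `vm.expectRevert()`, and let `horseStore.feedHorse(horseId)` succeed at multiples of 17. The remaining `// End execution` comment sits directly above `stop` after the removal, which still reads correctly.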
Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

FEED_HORSE() macro does not allow users to feed a horse if the timestamp is divisible by 17
