The addFertilizer() function within LibFertilizer.sol is designed to verify whether the current id is being utilized for the first time or not. However, an analysis reveals an inconsistency in ensuring this validation.
The documented functionality of the code entails verifying if the id obtained from id = s.bpf.add(bpf) has been previously utilized/initialized or not. An if statement purportedly accomplishes this by comparing the fertilizerAmount128 (supplied as an argument) with s.fertilizer[id].
However, regardless of whether the id is new or old, the subsequent function, push(id), is invariably executed. This contradicts the intended business logic, which mandates that the id should only be returned without being pushed if it is old, and be pushed first if it is new.
The flaw lies in the fact that the id, irrespective of its status (new or old), is always passed as an argument to push(id), potentially leading to unintended consequences.
Manual review of the code was used to find this vulnerability.
To rectify this issue and ensure adherence to the intended business logic, it is recommended to enclose push(id) within an else statement. The following lines of code can be used to replace the existing flawed implementation:
Implementing this adjustment will maintain the integrity of the business logic and mitigate the identified vulnerability.