The vulnerability lies in the `getBpf` function, specifically in its dependency on the `getHumidity` function without validating the input `id`. This oversight can lead to underflows and subsequent DoS attacks when calling `getHumidity`: if `id` is `> 0` and less than `END_DECREASE_SEASON`, the call underflows, and an underflow always reverts.

Calling the `getBpf` function with an `id` value that results in an underflow when passed to the `getHumidity` function can cause the latter to revert. As a result, any function depending on `getBpf`, such as `addFertilizer`, may fail to execute properly, leading to disruptions in the system's functionality. This vulnerability poses a risk of DoS attacks, potentially causing service downtime and loss of user trust.

Add code to check whether the `id` is greater than `0` and less than `END_DECREASE_SEASON`. Handle this case properly to prevent potential DoS attacks.
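
A sketch of such a check, added here as an example and not taken from the audited code base or the submission. The constant values, the body of `getHumidity`, the `getBpf` formula, and the names `START_SEASON`, `IdOutOfRange`, `isSupportedId` and `HumidityHarness` are all assumptions, chosen so that part of the `id` range the finding names reaches a subtraction that underflows.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Constructed model, not the project's code. Every constant value and the
/// arithmetic inside getHumidity/getBpf are assumptions made for illustration.
library HumidityModel {
    uint128 internal constant START_SEASON = 1_000;        // hypothetical
    uint128 internal constant END_DECREASE_SEASON = 1_400; // hypothetical value
    uint128 internal constant START_HUMIDITY = 2_500;      // hypothetical
    uint128 internal constant FLOOR_HUMIDITY = 200;        // hypothetical
    uint128 internal constant ZERO_ID_HUMIDITY = 5_000;    // hypothetical

    error IdOutOfRange(uint128 id);

    /// Unvalidated form. With checked arithmetic (Solidity >= 0.8), any
    /// 0 < id < START_SEASON underflows in `id - START_SEASON` and the call
    /// reverts with Panic(0x11), taking every caller down with it.
    function getHumidity(uint128 id) internal pure returns (uint128) {
        if (id == 0) return ZERO_ID_HUMIDITY;
        if (id >= END_DECREASE_SEASON) return FLOOR_HUMIDITY;
        return START_HUMIDITY - (id - START_SEASON) * 5;
    }

    /// True when getHumidity(id) cannot underflow in this model.
    function isSupportedId(uint128 id) internal pure returns (bool) {
        return id == 0 || id >= START_SEASON;
    }

    /// Guarded form: the id is validated before getHumidity is reached, so a
    /// bad id fails with a named error instead of an arithmetic panic.
    function getBpf(uint128 id) internal pure returns (uint128) {
        if (!isSupportedId(id)) revert IdOutOfRange(id);
        return (getHumidity(id) + 1_000) * 1_000_000;
    }
}

/// Thin wrapper so the library can be exercised from a test.
contract HumidityHarness {
    function rawHumidity(uint128 id) external pure returns (uint128) {
        return HumidityModel.getHumidity(id); // panics for 0 < id < 1_000
    }

    function bpf(uint128 id) external pure returns (uint128) {
        return HumidityModel.getBpf(id); // reverts with IdOutOfRange instead
    }
}
```

A caller such as `addFertilizer` can test `isSupportedId` before relying on `getBpf` and reject or skip the operation on its own terms.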