Case not handled in `getHumidity` function, when `id` is less than or equal to `REPLANT_SEASON`
Summary
The LibFertilizer:getHumidity function calculates the humidity value based on the provided id. This function serves as a part of the broader functionality of determining various parameters required for fertilizer management within the smart contract system. It is responsible for determining the humidity level based on the provided id. The humidity level is an essential factor in the fertilizer management process, as it influences various aspects of the growth and health of the beans in the system.
Vulnerability Details
As getHumidity handles most of the cases but there is 1 type of case which is not handled or unexpected. When id value is equal to or less than REPLANT_SEASON. If it is equal then the resulting value will be zero which will return RESTART_HUMIDITY (2500), which I think is not expected. And if id is less than REPLANT_SEASON, then there will be underflow issue which in this scenario result in revert as SafeMath library is used. Now think there is a wide range of values 1-6073 which will cause revert.
See the following code:
Impact
addFertilizer function will keep facing reverts for the id range from 1 to 6073 which is a kind of DOS. Also this should be handle carefully although SafeMath is used but still this case is preventing the functionality from moving forward.
Tools Used
Manual Review
Recommendations
Handle the case if id is less than or equal to REPLANT_SEASON to prevent reverts and make the process completion smooth.
Lead Judging Commences
Informational/Invalid
Informational/Invalid
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.