Submission Details
Severity: medium
Valid

`Dussehra::killRavana` can be called multiple times, so the organiser can take more than half of the total amount collected in the event.

Description

Once Ram is selected, anyone can call the killRavana function, which sends half of the total amount collected in the event to the organiser. It should therefore be callable only once. However, killRavana can be called multiple times because there is no require statement or modifier that prevents a repeated call, and it sends money to the organiser every time it is called.

Impact

If it is called twice, all of the money is sent to the organiser address, and there is no reward left for the chosen Ram to withdraw.

Tools Used

  • Manual review

  • Foundry

PoC

Place this test in Dussehra.t.sol; it will pass.

function test_killRavanaCanBeCalledTwiceAndOrganiserHaveAllMoney() public participants {
    uint256 dussehraBalance = address(dussehra).balance;

    // The organiser selects Ram once the selection window has opened.
    vm.startPrank(organiser);
    vm.warp(1728691200 + 2);
    choosingRam.selectRamIfNotSelected();
    vm.stopPrank();

    // Any participant can call killRavana, and nothing stops the second call.
    vm.startPrank(player3);
    dussehra.killRavana();
    dussehra.killRavana();
    vm.stopPrank();

    // Two payouts of 50% each: the organiser now holds the whole event balance.
    uint256 organiserBalance = organiser.balance;
    assertEq(dussehraBalance, organiserBalance);

    // player2 (the Ram in this scenario) can no longer withdraw: the contract is empty.
    vm.startPrank(player2);
    vm.expectRevert("Failed to send money to Ram");
    dussehra.withdraw();
    vm.stopPrank();
}

The test passes, so we need to prevent this from happening.

Recommendations

Check at the top of this function that Ravana has not already been killed.

function killRavana() public RamIsSelected {
+   if (IsRavanKilled) {
+       revert("Ravana was killed");
+   }
    // ... rest of the function unchanged
}

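
As an added illustration that is not the contest's contract code, the following constructed pair of contracts reproduces the payout arithmetic this finding relies on: every killRavana call pays the organiser half of the recorded total, so a second call leaves nothing for the Ram's withdraw, while the hardened version refuses the second call. The contract names, the single-deposit constructor and the 50% split are assumptions made for this illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Constructed simplification of the contest's payout path; not the real Dussehra contract.
contract PayoutVulnerable {
    address public organiser;
    address public selectedRam;
    bool public IsRavanKilled;
    uint256 public totalAmountGivenToRam;

    // Entry fees are modelled as a single deposit at deployment (assumption).
    constructor(address _organiser, address _ram) payable {
        organiser = _organiser;
        selectedRam = _ram;
        totalAmountGivenToRam = msg.value;
    }

    // Vulnerable: no guard, so every call pays the organiser 50% of the
    // recorded total again. Two calls move 100% of the funds to the organiser.
    function killRavana() public virtual {
        IsRavanKilled = true;
        uint256 organiserShare = (totalAmountGivenToRam * 50) / 100;
        (bool ok,) = organiser.call{value: organiserShare}("");
        require(ok, "Failed to send money to organiser");
    }

    // Ram's share is computed from the recorded total, not the live balance,
    // so after a double kill the transfer fails with this exact revert string.
    function withdraw() public {
        require(msg.sender == selectedRam, "Only Ram can withdraw");
        require(IsRavanKilled, "Ravana is not killed");
        uint256 ramShare = totalAmountGivenToRam - (totalAmountGivenToRam * 50) / 100;
        (bool ok,) = selectedRam.call{value: ramShare}("");
        require(ok, "Failed to send money to Ram");
    }
}

// Hardened: the check the finding recommends, placed before any state change or transfer.
contract PayoutFixed is PayoutVulnerable {
    constructor(address _organiser, address _ram)
        payable PayoutVulnerable(_organiser, _ram) {}

    function killRavana() public override {
        if (IsRavanKilled) {
            revert("Ravana was killed");
        }
        super.killRavana();
    }
}
```

Deploying PayoutVulnerable with 2 ether and calling killRavana twice leaves the contract at 0 and the organiser at 2 ether, after which withdraw reverts with "Failed to send money to Ram"; PayoutFixed reverts on the second call and the Ram's 1 ether remains withdrawable.
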
Updates

Lead Judging Commences

bube Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

isRavanKilled is not checked
