First Flight #17: Dussehra
First Flight #17
Beginner FriendlyFoundryNFT
100 EXP
View results
Previous Next
Submission Details
Severity: high
Valid

`ChoosingRam::increaseValuesOfParticipants` do not set `isRamSelected`, forcing owner to stop the infinite battle

n0kto

Description

When someone is selected as Ram in ChoosingRam::increaseValuesOfParticipants, isRamSelected is not set to true.
It leads to an infinite battle, anyone can take the place of the previous Ram. Only the organisater will be able to stop the fight with the function selectRamIfNotSelected. It will be unfair for the first Ram, and several people will have the 5 values.

function increaseValuesOfParticipants(uint256 tokenIdOfChallenger, uint256 tokenIdOfAnyPerticipent)
public
RamIsNotSelected
{
...
if (random == 0) {
...
} else if (ramNFT.getCharacteristics(tokenIdOfChallenger).isSatyavaakyah == false){
ramNFT.updateCharacteristics(tokenIdOfChallenger, true, true, true, true, true);
selectedRam = ramNFT.getCharacteristics(tokenIdOfChallenger).ram;
@>
}
} else {
...
} else if (ramNFT.getCharacteristics(tokenIdOfAnyPerticipent).isSatyavaakyah == false){
ramNFT.updateCharacteristics(tokenIdOfAnyPerticipent, true, true, true, true, true);
selectedRam = ramNFT.getCharacteristics(tokenIdOfAnyPerticipent).ram;
@>
}
}
}

Risk

Likelyhood: High

  • Any person can call increaseValuesOfParticipants once selectedRam is set.

Impact: High

  • Break the protocol logic: several people will have the 5 values and only the last one who called the function will be the selected Ram.

Recommended Mitigation

Set the boolean to true when selectedRam is set or only check if selectedRam is address(0) in the RamIsNotSelected modifier.

Updates

Lead Judging Commences

bube Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

`isRamSelected` is not set

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!