First Flight #17: Dussehra
First Flight #17
Beginner FriendlyFoundryNFT
100 EXP
View results
Previous Next
Submission Details
Severity: low
Valid

`Dussehra.sol::killRavana` has incorrect times for when the function can be called

coffee

Summary

The Dussehra.sol::killRavana function should only be callable between the October 12th 2024 and October 13th 2024. However, the times used in the function are not correct for these dates.

Vulnerability Details

The two times used to check if this function can be called and their conversions are below:

block.timestamp < 1728691069
October 11, 2024 11:57:49 PM

block.timestamp > 1728777669
October 13, 2024 12:01:09 AM

This means that this function can be called before October 12th 2024 and after October 13th 2024.

Impact

The test below passes showing that the killRavana function can be called after October 13, 2024

function test_killRavana() public participants {
vm.warp(1728691200 + 1);
vm.startPrank(organiser);
choosingRam.selectRamIfNotSelected();
vm.stopPrank();
vm.warp(1728777669 - 1);
vm.startPrank(player2);
dussehra.killRavana();
vm.stopPrank();
assertEq(dussehra.IsRavanKilled(), true);
}

Tools Used

--Foundry

Recommendations

It is recommended to change these two times to the correct one's as per the documentation.

function killRavana() public RamIsSelected {
- if (block.timestamp < 1728691069) {
+ if (block.timestamp < 1728691200) {
revert Dussehra__MahuratIsNotStart();
}
- if (block.timestamp > 1728777669) {
+ if (block.timestamp > 1728777600) {
revert Dussehra__MahuratIsFinished();
}
Updates

Lead Judging Commences

bube Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Incorrect timestamp

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.