NFTBridge
60,000 USDC
Submission Details
Severity: low
Invalid

Invalid `felt252` Value in Test Case Leads to Incorrect Conversion Testing (`byte_array_extra.cairo::tests::from_felt252`)

Summary

Vulnerability Detail

The `from_felt252` test case in the `starknet/src/byte_array_extra.cairo` contract is responsible for testing the conversion of a `felt252` value into a `ByteArray`. This test case is crucial for ensuring that the conversion logic works correctly. However, the test case uses an invalid `felt252` value (`'hello how are you?'`), which is a string literal and not a valid `felt252` type. This can lead to incorrect test results and does not properly test the conversion logic.

Impact

The use of an invalid `felt252` value in the test case can lead to incorrect test results, giving a false sense of security about the correctness of the conversion logic. This can result in undetected bugs in the conversion logic, potentially leading to data corruption and unexpected behavior in the contract.

Tools Used

Manual review

Recommendation

The test case should be updated to use a valid `felt252` value and correctly test the conversion logic. The following code provides a corrected implementation:

```cairo
#[cfg(test)]
mod tests {
    use core::serde::Serde;
    use super::{FeltTryIntoByteArray, SpanFeltTryIntoByteArray};

    #[test]
    fn from_felt252() {
        let a: felt252 = 123456789; // Use a valid felt252 value
        let b: Option<ByteArray> = a.try_into();
        match b {
            Option::Some(e) => {
                assert!(e.data.is_empty(), "Data should be empty");
                assert_eq!(e.pending_word, 123456789, "Wrong pending word");
                assert_eq!(e.pending_word_len, 9, "Wrong pending word len"); // Adjust length accordingly
            },
            Option::None => panic!("Should not be None")
        }
    }
    // ... other test cases ...
}
```

Updates

Lead Judging Commences

n0kto Lead Judge 12 months ago
Submission Judgement Published
Invalidated
Reason: Out of scope
