Submission Details
Severity: medium
Invalid

Lack of Check for Finalized Match Results in getPlayerScore Function

Summary

The getPlayerScore function does not verify that the actual result of the match is finalized before using it for score calculation. This can lead to incorrect score calculations if pending results are included.

Vulnerability Details

No Check for Finalized Results: The function does not check if the actual match result is finalized (i.e., not Result.Pending). This oversight can cause the score calculation to include incomplete or pending match results, leading to inaccurate scores.

Impact

Inaccurate Score Calculations: Including pending match results in the score calculation can lead to incorrect player scores, affecting the integrity and fairness of the scoring process.

Tools Used

Manual code review

Recommendations

Add Check for Finalized Results: Ensure that the actual match result is finalized before using it for score calculation. This maintains the integrity and fairness of the scoring process.

function getPlayerScore(address player) public view returns (int8 score) {
    for (uint256 i = 0; i < NUM_MATCHES; ++i) {
        if (
            playersPredictions[player].isPaid[i] &&
            playersPredictions[player].predictions[i] != Result.Pending &&
            results[i] != Result.Pending // Ensure that only finalized results are used
        ) {
            // +2 for a correct prediction, -1 for an incorrect one
            score += playersPredictions[player].predictions[i] == results[i] ? int8(2) : -1;
        }
    }
}
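
To compare the two scoring behaviours side by side, the stand-alone model below is an added example, not code from the submission or from the audited project. It scores one player's picks with and without the finalized-result check, so the effect of a still-pending match on the total can be read directly. The contract name ScoreModel, the helpers setResult and setPick, the requireFinal flag, the enum members other than Pending, and the three-match size are assumptions made for the illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration: a stand-alone model, not the audited contract.
contract ScoreModel {
    // Only Result.Pending appears on the page; the other members are assumed.
    enum Result { Pending, First, Draw, Second }

    uint256 constant NUM_MATCHES = 3; // constructed size for the demo

    struct Prediction {
        Result prediction;
        bool isPaid;
    }

    // Every slot starts as Result.Pending (enum value 0).
    Result[NUM_MATCHES] public results;
    // One player's picks; unpaid and Pending by default.
    Prediction[NUM_MATCHES] internal picks;

    // Record the final outcome of match i.
    function setResult(uint256 i, Result r) external {
        results[i] = r;
    }

    // Record a paid prediction for match i.
    function setPick(uint256 i, Result r) external {
        picks[i] = Prediction(r, true);
    }

    // requireFinal = false: score as if the result check were absent.
    // requireFinal = true: skip matches whose result is still Pending.
    function score(bool requireFinal) public view returns (int8 total) {
        for (uint256 i = 0; i < NUM_MATCHES; ++i) {
            // Unpaid or empty predictions never count, in either mode.
            if (!picks[i].isPaid || picks[i].prediction == Result.Pending) continue;
            // The recommended guard: ignore matches without a final result.
            if (requireFinal && results[i] == Result.Pending) continue;
            // +2 for a correct prediction, -1 for an incorrect one.
            total += picks[i].prediction == results[i] ? int8(2) : -1;
        }
    }
}
```

Calling score(false) and score(true) after setting a paid pick on a match whose result has not been set shows whether the two modes diverge for that state.
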
Updates

Lead Judging Commences

NightHawK Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
