Trick or Treat

First Flight #27
Beginner Friendly, Foundry
100 EXP
Submission Details
Severity: low
Invalid

Overwriting Treats in addTreat Function

Summary

The addTreat function in the SpookySwap contract allows the contract owner to add new treats by specifying a name, cost, and metadata URI. However, there is currently no check in place to prevent adding a treat with an existing name.

Vulnerability Details

The addTreat function allows treats to be added to the treatList mapping using a unique name as the key. However, since there’s no validation to check if a treat with the same name already exists, an owner could overwrite an existing treat by adding a new treat with an identical name.


Overwriting Treats: If the owner calls addTreat with an existing treat name, it overwrites the treat data in treatList for that name, including cost and metadata, without any warning or restriction.

Impact

  • Unintentional Data Loss: Previous treat data, including the original cost and metadata, is lost when overwritten.

  • User Confusion: Users may see different properties (cost, metadata) for treats with the same name, undermining trust and clarity in treat availability.

Tools Used

Manual Review

Recommendations

Check for Existing Treats:

  • Before adding a treat, verify that the treat name does not already exist in treatList. If it exists, revert the transaction with an error message.

Updates

Appeal created

bube Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

[invalid] Duplicate treats

The function `addTreat` is called by the owner. The owner is trusted. There will be no duplicates.
