Trick or Treat

First Flight #27
Submission Details
Severity: low
Invalid

TreatList can be overwritten

Summary

The addTreat function does not check whether a treat already exists.

Vulnerability Details

The owner could "accidentally" overwrite an existing treat if the name is the same, resulting in a modified rate or _metadataURI and a bloated treatNames array.

```solidity
function addTreat(string memory _name, uint256 _rate, string memory _metadataURI) public onlyOwner {
    treatList[_name] = Treat(_name, _rate, _metadataURI);
    treatNames.push(_name);
    emit TreatAdded(_name, _rate, _metadataURI);
}
```

No checks are in place for _name when it is passed in, and the entry is overwritten immediately.

Impact

An existing treat is overwritten if the name is the same, resulting in a modified rate or _metadataURI and a bloated treatNames array.

Tools Used

Manual Review

Recommendations

Check whether treatList[_name] exists before continuing. If the owner wishes to modify anything in the treat, use another function such as setTreatCost.

Example of a check:

```solidity
require(treatList[_name].cost == 0, "Treat with this name already exists");
```

Updates

Appeal created

bube Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

[invalid] Duplicate treats

The function `addTreat` is called by the owner. The owner is trusted. There will be no duplicates.
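As an added example (not part of the submission, the judge's comment, or the contest code base), the sketch below shows one way to make the duplicate check from the recommendation independent of the stored cost: a mapping returns a zero-valued struct for unknown keys, so a `cost == 0` test only detects existence if no treat can ever be stored with a cost of zero. The contract name, the struct layout (inferred from the `.cost` field and the `Treat(...)` constructor call above), the `treatExists` mapping, and the minimal owner check are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example. The names TreatRegistryExample and treatExists are hypothetical,
// and the struct layout and owner check are assumptions, not the audited contract.
contract TreatRegistryExample {
    struct Treat {
        string name;
        uint256 cost;
        string metadataURI;
    }

    address public immutable owner;
    mapping(string => Treat) public treatList;
    // Explicit existence flag: stays correct even if a treat is stored with cost 0,
    // where a `treatList[_name].cost == 0` test would report "not present".
    mapping(string => bool) private treatExists;
    string[] public treatNames;

    event TreatAdded(string name, uint256 cost, string metadataURI);

    error NotOwner();
    error TreatAlreadyExists(string name);

    modifier onlyOwner() {
        if (msg.sender != owner) revert NotOwner();
        _;
    }

    constructor() {
        owner = msg.sender;
    }

    function addTreat(string memory _name, uint256 _rate, string memory _metadataURI) public onlyOwner {
        // Reject a second add under the same name instead of silently overwriting
        // the stored rate and metadata URI.
        if (treatExists[_name]) revert TreatAlreadyExists(_name);

        treatExists[_name] = true;
        treatList[_name] = Treat(_name, _rate, _metadataURI);
        treatNames.push(_name); // reached once per name, so the array holds no duplicates
        emit TreatAdded(_name, _rate, _metadataURI);
    }
}
```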
