GivingThanks
First Flight #28
Beginner FriendlyFoundry
100 EXP
View results
Previous Next
Submission Details
Severity: medium
Valid

Incorrect Initialization of Registry Address in ERC721 Constructor

icon0x

Summary

Vulnerability Details

The ERC721 contract constructor incorrectly assigns msg.sender to the registry variable instead of _registry, which is the intended parameter. This error causes the contract to reference an incorrect address, potentially leading to functionality issues when interacting with the CharityRegistry. Proper initialization with _registry is required to ensure correct and secure interactions.

Here is the malicious code:

constructor(address _registry) ERC721("DonationReceipt", "DRC") {
@> registry = CharityRegistry(msg.sender);
owner = msg.sender;
tokenCounter = 0;
}

Impact

This misassignment can lead to failed interactions with the intended registry, compromising the contract’s intended functionality and potentially disrupting donation tracking.

Tools Used

Manual Review

Recommendations

To fix this issue, correct the assigned address from msg.sender to _registry to the registry variable.

constructor(address _registry) ERC721("DonationReceipt", "DRC") {
- registry = CharityRegistry(msg.sender);
+ registry = CharityRegistry(_registry);
owner = msg.sender;
tokenCounter = 0;
}
Updates

Lead Judging Commences

n0kto Lead Judge 10 months ago
Submission Judgement Published
Validated
Assigned finding tags:

finding-bad-registry-set-at-construction

Likelyhood: High, the parameter is not well used and won't be set. Impact: Low, can be changed with the setter and no one will be able to donate to malicious charity.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.