GivingThanks

First Flight #28
Beginner Friendly, Foundry
100 EXP
Submission Details
Severity: high
Invalid

Lack of unique charity registration check can cause potential for duplicate entries in the CharityRegistry

Summary

The registerCharity() function in the CharityRegistry contract is designed to register a charity, but it currently does not perform a check to ensure that the charity is not already registered. This inconsistency between the function's purpose and its implementation could lead to potential issues in the contract's behavior.

Vulnerability Details

The registerCharity() function is responsible for adding a charity to the registeredCharities mapping. However, the function does not currently check if the charity is already registered before adding it to the mapping. This means that a charity could potentially be registered multiple times, even though the function is intended to handle the registration of a new charity.

Impact

The lack of a check for existing registrations in the registerCharity() function could lead to the following issues:

  1. Duplicate entries: The registry could end up containing multiple entries for the same charity, which could cause confusion and make it more difficult to identify unique charities.

  2. Inefficient data management: Allowing duplicate registrations could result in unnecessary storage and processing overhead, as the contract would need to handle and manage redundant data.

  3. Potential security risks: The absence of a registration check could potentially be exploited by malicious actors to spam the registry or create fraudulent entries.

Tools Used

  • Manual Code Review

Recommendations

To address the inconsistency in the registerCharity() function, add a check that the charity is not already registered, for example:

function registerCharity(address charity) public {
+ require(!registeredCharities[charity], "Charity is already registered");
registeredCharities[charity] = true;
}
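
Review bot: the added require guards a write that is already idempotent. The unchanged line registeredCharities[charity] = true; stores the same boolean on a repeat call, so as far as these lines show, the mapping cannot hold a second entry for one address, and the check only turns a repeat call from a no-op into a revert. If a revert on re-registration is the intended behaviour, state that as the reason for the change. Note also that the signature shown stays public with no caller check, so the require does not limit how many distinct addresses can be registered; the spam concern under Impact would need a separate restriction on who may call the function.
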
Updates

Lead Judging Commences

n0kto Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
