Infinite Deadline Reset Vulnerability in `ChristmasDinner::setDeadline` function
Summary
The ChristmasDinner::setDeadline function in the contract is designed to allow the host to set a deadline for the event. However, the implementation contains a vulnerability where the deadlineSet state variable is never updated to true (neither is by another implementation in the contract). This oversight allows the deadline to be reset infinitely by the host, undermining the intended logic of the function and potentially disrupting the event planning process.
Vulnerability Details
The if (deadlineSet) condition (ln.185-186) is intended to prevent multiple invocations of ChristmasDinner::setDeadline. However, the deadlineSet state variable is initialized to false and is never updated to true within the function or elsewhere in the contract.
This omission results in the if (deadlineSet) condition always evaluating to false, effectively rendering the check useless.
Consequently, the host can call the setDeadline function multiple times, overriding the previous deadline each time.
PoC
Paste the following test in the test suite:
Impact
This vulnerability allows the host to reset the deadline at will, leading to:
- Uncertainty and lack of trust among participants, as the deadline can be arbitrarily altered.
- Potential disruption to the event organization, as planning and budgeting depend on a fixed deadline.
- Exploitation risks if the host deliberately manipulates the deadline for malicious purposes.
Tools Used
Manual review
Recommendations
The following fix can be applied:
Lead Judging Commences
deadline is never set to true
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.