The `giveReview()` function is designed to allow teachers to review students once per week. It includes a `reviewCount` check to prevent excessive reviews, but it never increments the `reviewCount` variable, effectively bypassing the limit.
Line 281:
require(reviewCount[_student] < 5, "Student review count exceeded!!!");
intends to cap the number of reviews a student can receive at five. However, `reviewCount[_student]` is never incremented after a review is given, so the check can never fail.
This results in:
Students being reviewable an unlimited number of times.
Graduation logic that relies on the review count becoming faulty.
Potential abuse of the system (e.g. endless penalties or bonuses).
Without incrementing `reviewCount`, the system assumes students are never fully reviewed. This may prevent the contract from being upgraded (once the review check is added), or allow malicious review spam to alter scores unfairly.
Manual code review
After a review is given, include the following line:
reviewCount[_student] += 1;
This ensures the weekly review counter properly reflects the number of reviews each student has received.
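The following contract is an added illustration of the finding and the recommended fix; it is not the contest's contract. The teacher access control, the `lastReviewed` timestamp used to enforce the weekly cadence, the `_score` parameter, the event and the `fullyReviewed()` consumer are all assumptions made for the example. Only the five-review check and the missing increment mirror the report. The vulnerable shape is kept beside the fixed one so the difference is visible in a single place.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added example, not the audited contract. Storage layout, modifiers and the
// weekly-interval enforcement are assumptions; the require on reviewCount and
// the missing increment are the behaviour described in the finding.
contract ReviewCounterExample {
    uint256 public constant MAX_REVIEWS = 5;           // cap from the line 281 check
    uint256 public constant REVIEW_INTERVAL = 1 weeks;  // "once per week" (assumed enforcement)

    mapping(address => uint256) public reviewCount;    // reviews received per student
    mapping(address => uint256) public lastReviewed;   // timestamp of last review (assumed)
    mapping(address => bool) public isTeacher;         // assumed access control

    event Reviewed(address indexed teacher, address indexed student, uint8 score);

    constructor() {
        isTeacher[msg.sender] = true;
    }

    modifier onlyTeacher() {
        require(isTeacher[msg.sender], "Not a teacher");
        _;
    }

    // Vulnerable shape: the check is present but the counter never moves, so the
    // require passes on every call and the weekly interval is the only real limit.
    function giveReviewVulnerable(address _student, uint8 _score) external onlyTeacher {
        require(reviewCount[_student] < MAX_REVIEWS, "Student review count exceeded!!!");
        require(block.timestamp >= lastReviewed[_student] + REVIEW_INTERVAL, "Reviewed this week already");
        lastReviewed[_student] = block.timestamp;
        emit Reviewed(msg.sender, _student, _score);
        // Missing: reviewCount[_student] += 1;
    }

    // Fixed shape: increment after the review is recorded. The fifth review is the
    // last one the check admits, and anything reading reviewCount sees real data.
    function giveReview(address _student, uint8 _score) external onlyTeacher {
        require(reviewCount[_student] < MAX_REVIEWS, "Student review count exceeded!!!");
        require(block.timestamp >= lastReviewed[_student] + REVIEW_INTERVAL, "Reviewed this week already");
        lastReviewed[_student] = block.timestamp;
        reviewCount[_student] += 1;
        emit Reviewed(msg.sender, _student, _score);
    }

    // Assumed downstream consumer, standing in for the graduation logic the finding
    // mentions: it only ever returns true once the counter actually advances.
    function fullyReviewed(address _student) external view returns (bool) {
        return reviewCount[_student] >= MAX_REVIEWS;
    }
}
```

Deploying this and calling `giveReviewVulnerable()` for the same student across several weeks never trips the "Student review count exceeded!!!" revert and leaves `fullyReviewed()` permanently false; the fixed `giveReview()` reverts on the sixth attempt and flips `fullyReviewed()` to true after the fifth. A unit test that asserts exactly those two behaviours is the natural regression check for this finding.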
`reviewCount` for students is not updated after each review session