Hawk High

First Flight #39
Beginner Friendly, Solidity
100 EXP
Submission Details
Severity: low
Valid

Missing Review Count Update in giveReview Function

Summary:

The giveReview function in the LevelOne contract fails to increment the reviewCount mapping after a review is given. This allows teachers to submit unlimited reviews for a student, breaking the intended weekly review constraint and session grading logic.

Vulnerability Details:

The function contains a require check:

require(reviewCount[_student] < 5, "Student review count exceeded!");

However, the reviewCount[_student] is never incremented after a review is submitted. As a result, this check always passes, because the counter remains at its default value of 0.

Impact:

Anyone with the onlyTeacher role can exploit this to give multiple reviews.

Tools Used:

Manual Review

Recommendations:

lastReviewTime[_student] = block.timestamp;

reviewCount[_student] += 1;

emit ReviewGiven(_student, review, studentScore[_student]);
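
The effect of the missing increment, as an added example that is not the LevelOne contract's own code: a simplified model that runs the same guard with and without the recommended `+= 1`. The contract name `ReviewCounterModel`, the separate `buggyCount`/`fixedCount` mappings, the two-argument event and the `compare` helper are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Simplified model of the finding, not the LevelOne contract: access control,
// scoring and the weekly time gate are omitted so only the counter logic remains.
contract ReviewCounterModel {
    uint256 public constant MAX_REVIEWS = 5; // limit from the require quoted above

    // Separate counters (assumption) so both variants can run side by side.
    mapping(address => uint256) public buggyCount;
    mapping(address => uint256) public fixedCount;
    mapping(address => uint256) public lastReviewTime;

    event ReviewGiven(address indexed student, bool review);

    // As reported: the guard reads a counter that nothing ever writes,
    // so it compares 0 < 5 on every call and never reverts.
    function giveReviewBuggy(address _student, bool review) external {
        require(buggyCount[_student] < MAX_REVIEWS, "Student review count exceeded!");
        lastReviewTime[_student] = block.timestamp;
        emit ReviewGiven(_student, review);
    }

    // With the recommended increment: the sixth call for a student reverts.
    function giveReviewFixed(address _student, bool review) external {
        require(fixedCount[_student] < MAX_REVIEWS, "Student review count exceeded!");
        lastReviewTime[_student] = block.timestamp;
        fixedCount[_student] += 1;
        emit ReviewGiven(_student, review);
    }

    // Test helper: try `attempts` reviews against each variant and count
    // how many are accepted. External self-calls make try/catch usable.
    function compare(address _student, uint256 attempts)
        external
        returns (uint256 buggyAccepted, uint256 fixedAccepted)
    {
        for (uint256 i = 0; i < attempts; i++) {
            try this.giveReviewBuggy(_student, true) { buggyAccepted++; } catch {}
            try this.giveReviewFixed(_student, true) { fixedAccepted++; } catch {}
        }
    }
}
```

For any `attempts` above five, the buggy variant accepts every call while the fixed variant stops accepting after the fifth, which is the assertion a regression test for this finding should make.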

Updates

Lead Judging Commences

yeahchibyke Lead Judge 20 days ago
Submission Judgement Published
Validated
Assigned finding tags:

reviewCount not updated

`reviewCount` for students is not updated after each review session
