`reviewCount` Mapping Is Never Updated or Initialized
Summary
The reviewCount mapping is used to restrict the number of reviews a student can receive (maximum of 4), yet it is never updated when a review is given. This means the condition reviewCount[_student] < 5 will always evaluate to true, rendering the limit ineffective.
Impact
The absence of an update to reviewCount allows unlimited reviews for a student, bypassing the intended restriction. This could lead to abuse by malicious teachers who repeatedly reduce a student’s score, and by the way breaking one of the invariant.
Recommendation
Increment the reviewCount[_student] value after each successful review, as shown below:
Place this line after updating lastReviewTime to ensure the student’s review count is tracked properly.
Tools Used
Slither
Lead Judging Commences
reviewCount not updated
`reviewCount` for students is not updated after each review session
reviewCount not updated
`reviewCount` for students is not updated after each review session
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.