Submission Details
Severity:
[EVMN-HH04] Missing Student Score Validation for Graduation
Summary
Missing Student Score Validation for Graduation
Vulnerability Details
According to the invariants, students who do not meet the cutOffScore should not be upgraded. However, the graduateAndUpgrade() function does not filter students based on their scores.
Impact
High (High Impact, Medium Likelihood)
Tools Used
Manual review.
Recommendations
Add logic to exclude students who do not meet the cutoff score before upgrading:
function graduateAndUpgrade(address _levelTwo, bytes memory) public onlyPrincipal {
if (_levelTwo == address(0)) {
revert HH__ZeroAddress();
}
if (block.timestamp < sessionEnd) {
revert("Session has not ended yet");
}
// Check that all students have received 4 reviews
for (uint256 i = 0; i < listOfStudents.length; i++) {
if (reviewCount[listOfStudents[i]] != 4) {
revert("Not all students have received 4 reviews");
}
}
// Remove students who don't meet the cutoff score
for (uint256 i = 0; i < listOfStudents.length; i++) {
if (studentScore[listOfStudents[i]] < cutOffScore) {
// Swap with last element and remove
listOfStudents[i] = listOfStudents[listOfStudents.length - 1];
listOfStudents.pop();
i--; // Adjust index after removal
}
}
uint256 totalTeachers = listOfTeachers.length;
uint256 payPerTeacher = (bursary * TEACHER_WAGE) / PRECISION;
uint256 principalPay = (bursary * PRINCIPAL_WAGE) / PRECISION;
_authorizeUpgrade(_levelTwo);
for (uint256 n = 0; n < totalTeachers; n++) {
usdc.safeTransfer(listOfTeachers[n], payPerTeacher);
}
usdc.safeTransfer(principal, principalPay);
}
Updates
Lead Judging Commences
yeahchibyke 6 months ago
Submission Judgement Published Assigned finding tags:
cut-off criteria not applied
All students are graduated when the graduation function is called as the cut-off criteria is not applied.
yeahchibyke 6 months ago
Submission Judgement Published Assigned finding tags:
cut-off criteria not applied
All students are graduated when the graduation function is called as the cut-off criteria is not applied.
Rewards breakdown
nSLOC
243This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.