Hawk High

First Flight #39
Submission Details
Severity: low
Valid

[H-1] The review count is never incremented, so the review-limit check is always true and more than five reviews can be given

Summary

In `LevelOne::giveReview` the protocol checks that the number of reviews given to a student is lower than 5. However, this check is always true because the variable that stores a student's review count (`reviewCount[_student]`) is never incremented. As a result, multiple reviews can be given and a malicious user can continue to lower the student's grade.

Impact

A teacher can give more than 5 reviews.

Tools Used

Manual review

Proof of Code: Add this test and run it.

    function test_confirm_can_give_review_more_than_4_times() public schoolInSession {
        // Six bad reviews, one week apart; the `< 5` limit never triggers
        for (uint i = 0; i < 6; i++) {
            vm.warp(block.timestamp + 1 weeks);
            vm.prank(alice);
            levelOneProxy.giveReview(harriet, false);
        }
        console2.log('Harriet score: ', levelOneProxy.studentScore(harriet));
        // All six reviews were accepted, each lowering the score by 10
        assert(levelOneProxy.studentScore(harriet) == 40);
    }

Recommendations: Increment the student's review count every time a review is given.

function giveReview(address _student, bool review) public onlyTeacher {
if (!isStudent[_student]) {
revert HH__StudentDoesNotExist();
}
require(reviewCount[_student] < 5, "Student review count exceeded!!!");
require(block.timestamp >= lastReviewTime[_student] + reviewTime, "Reviews can only be given once per week");
// where `false` is a bad review and true is a good review
if (!review) {
studentScore[_student] -= 10;
}
// Update last review time
+ reviewCount[_student]++;
lastReviewTime[_student] = block.timestamp;
emit ReviewGiven(_student, review, studentScore[_student]);
}
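Review bot: the added `reviewCount[_student]++;` sits directly under the `// Update last review time` comment, so the comment now describes the wrong statement; move the increment above that comment or give it its own comment. With the increment in place, `require(reviewCount[_student] < 5, ...)` will revert on the sixth call, so the proof-of-code test above, which expects six reviews to succeed, should be replaced by a regression test that expects the revert.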
Updates

Lead Judging Commences

yeahchibyke Lead Judge 6 months ago
Submission Judgement Published
Validated
Assigned finding tags:

reviewCount not updated

`reviewCount` for students is not updated after each review session
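
A regression test for the recommended fix, as an added example that is not part of the original submission or the contest code base. `ReviewModel` is a constructed, cut-down stand-in for `LevelOne::giveReview` with the increment applied, `enroll` is a hypothetical helper, and the starting score of 100 is an assumption inferred from the proof of code above; it needs Foundry's forge-std.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import {Test} from "forge-std/Test.sol";

// Constructed model of the review logic; not the contest's LevelOne contract.
contract ReviewModel {
    uint256 public constant reviewTime = 1 weeks;
    mapping(address => uint256) public studentScore;
    mapping(address => uint256) public reviewCount;
    mapping(address => uint256) public lastReviewTime;

    // Hypothetical helper: register a student with an assumed starting score.
    function enroll(address student) external {
        studentScore[student] = 100;
    }

    function giveReview(address student, bool review) external {
        require(reviewCount[student] < 5, "Student review count exceeded!!!");
        require(block.timestamp >= lastReviewTime[student] + reviewTime, "Reviews can only be given once per week");
        if (!review) {
            studentScore[student] -= 10;
        }
        reviewCount[student]++; // the increment the finding recommends
        lastReviewTime[student] = block.timestamp;
    }
}

contract ReviewLimitTest is Test {
    ReviewModel model;
    address harriet = address(0xBEEF); // constructed test address

    function setUp() public {
        model = new ReviewModel();
        model.enroll(harriet);
    }

    function test_sixth_review_reverts() public {
        // Five weekly bad reviews are accepted and counted.
        for (uint256 i = 0; i < 5; i++) {
            vm.warp(block.timestamp + 1 weeks);
            model.giveReview(harriet, false);
        }
        assertEq(model.reviewCount(harriet), 5);
        assertEq(model.studentScore(harriet), 50);
        // The sixth review must hit the limit and leave the score untouched.
        vm.warp(block.timestamp + 1 weeks);
        vm.expectRevert(bytes("Student review count exceeded!!!"));
        model.giveReview(harriet, false);
        assertEq(model.studentScore(harriet), 50);
    }
}
```

Deleting the `reviewCount[student]++` line makes `test_sixth_review_reverts` fail at the `reviewCount` assertion, which is the behaviour this finding reports.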
