Hawk High
First Flight #39
Beginner FriendlySolidity
100 EXP
View results
Previous Next
Submission Details
Severity: low
Valid

`LevelOne:giveReview` Does Not Increment `reviewCount`

azriel20005

Description:
When teachers call LevelOne:giveReview for a student, the count of reviews is not being incremented.

Impact:
This is extremely important as the invariant: "Students must have gotten all reviews before system upgrade. System upgrade should not occur if any student has not gotten 4 reviews (one for each week)" directly relies on the count being inaccurate. If the count is wrong, the invariant would not hold.

Proof of Concept:
Since reviewCount is a private mapping, I changed it to a public mapping temporarily so that I can access the count value. By adding the following test code, we have shown that reviewCount is not being incremented.

function test_student_reviewCount_update() public schoolInSession {
assertEq(levelOneProxy.reviewCount(harriet), 0);
vm.warp(block.timestamp + 1 weeks);
vm.prank(alice);
levelOneProxy.giveReview(harriet, false);
assertEq(levelOneProxy.reviewCount(harriet), 0);
vm.warp(block.timestamp + 1 weeks);
vm.prank(alice);
levelOneProxy.giveReview(harriet, false);
assertEq(levelOneProxy.reviewCount(harriet), 0);
}

Recommended Mitigation:

function giveReview(address _student, bool review) public onlyTeacher {
if (!isStudent[_student]) {
revert HH__StudentDoesNotExist();
}
require(reviewCount[_student] < 5, "Student review count exceeded!!!");
require(block.timestamp >= lastReviewTime[_student] + reviewTime, "Reviews can only be given once per week");
++ reviewCount[_student]++;
}
Updates

Lead Judging Commences

yeahchibyke Lead Judge 6 months ago
Submission Judgement Published
Validated
Assigned finding tags:

reviewCount not updated

`reviewCount` for students is not updated after each review session

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.