Hawk High

First Flight #39
Beginner Friendly, Solidity
100 EXP
Submission Details
Severity: high
Valid

Missing Review Count Incrementation in Student Reviews

Summary

The giveReview function in LevelOne.sol checks reviewCount[_student] against the 5-review limit but never increments it, so the check always passes and the review count is never tracked.

Vulnerability Details

    function giveReview(address _student, bool review) public onlyTeacher {
        if (!isStudent[_student]) {
            revert HH__StudentDoesNotExist();
        }
        require(reviewCount[_student] < 5, "Student review count exceeded!!!");
        require(block.timestamp >= lastReviewTime[_student] + reviewTime, "Reviews can only be given once per week");
        if (!review) {
            studentScore[_student] -= 10;
        }
        // Updates the last review time, but reviewCount is never incremented
        lastReviewTime[_student] = block.timestamp;
        emit ReviewGiven(_student, review, studentScore[_student]);
    }

  • reviewCount mapping is declared but never incremented

  • Students can receive unlimited reviews despite the 5-review limit

  • Review tracking system is effectively broken

Impact

High: This vulnerability:

  • Breaks the intended review limit system

  • Allows students to receive more than 5 reviews

  • Makes the review count tracking meaningless

  • Could lead to unfair student evaluations

Tools Used

Manual code review

Recommendations

Add events to track review count changes
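
The counter update that giveReview lacks, together with an event for count changes, shown as an added example that is not the LevelOne.sol source. The contract name, constructor, MAX_REVIEWS constant, HH__NotTeacher error, ReviewCountUpdated event and the starting score of 100 are assumptions made so the snippet compiles on its own.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration only. Names not shown in the finding are assumptions.
contract ReviewCounterSketch {
    error HH__NotTeacher();
    error HH__StudentDoesNotExist();

    uint256 public constant MAX_REVIEWS = 5;      // limit stated in the finding
    uint256 public constant reviewTime = 1 weeks; // "once per week"

    mapping(address => bool) public isTeacher;
    mapping(address => bool) public isStudent;
    mapping(address => uint256) public studentScore;
    mapping(address => uint256) public reviewCount;
    mapping(address => uint256) public lastReviewTime;

    event ReviewGiven(address indexed student, bool review, uint256 score);
    event ReviewCountUpdated(address indexed student, uint256 newCount); // assumed event

    modifier onlyTeacher() {
        if (!isTeacher[msg.sender]) revert HH__NotTeacher();
        _;
    }

    constructor(address teacher, address student) {
        isTeacher[teacher] = true;
        isStudent[student] = true;
        studentScore[student] = 100; // assumed starting score
    }

    function giveReview(address _student, bool review) public onlyTeacher {
        if (!isStudent[_student]) revert HH__StudentDoesNotExist();
        require(reviewCount[_student] < MAX_REVIEWS, "Student review count exceeded!!!");
        require(block.timestamp >= lastReviewTime[_student] + reviewTime, "Reviews can only be given once per week");

        if (!review) {
            studentScore[_student] -= 10;
        }

        // The step missing from the reported code: without it the limit
        // check above always compares 0 against MAX_REVIEWS.
        reviewCount[_student] += 1;
        lastReviewTime[_student] = block.timestamp;

        emit ReviewGiven(_student, review, studentScore[_student]);
        emit ReviewCountUpdated(_student, reviewCount[_student]);
    }
}
```

With the increment in place, a sixth call for the same student reverts with "Student review count exceeded!!!" even after the weekly delay has elapsed.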

Updates

Lead Judging Commences

yeahchibyke Lead Judge 24 days ago
Submission Judgement Published
Validated
Assigned finding tags:

cut-off criteria not applied

All students are graduated when the graduation function is called as the cut-off criteria is not applied.
