Weather Witness

First Flight #40
Impact: medium
Likelihood: medium
Invalid

[L-1] Missing Input Validation in `WeatherNft::constructor`

Root + Impact

Missing input validation in `WeatherNft::constructor`.

Description

The `WeatherNft::constructor` takes several parameters, some of which are not sanitised or
not properly validated, such as
`address functionsRouter`, `address _link`, `address _keeperRegistry`, `address _keeperRegistrar`, `_currentMintPrice` and `_stepIncreasePerMint`.

Impact:

Due to the missing input validation, an attacker can pass zero addresses, which are written to
state variables, leading to malformed state and storage.

Proof of Concept

Deploying the contract with zero addresses:

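```solidity
weathernft = new WeatherNft(
    weathers,
    weatherURI,
    0x0000000000000000000000000000000000000000, // functionsRouter
    config,
    0.001 ether, // _currentMintPrice
    0.001 ether, // _stepIncreasePerMint
    0x0000000000000000000000000000000000000000, // _link
    0x0000000000000000000000000000000000000000, // _keeperRegistry
    0x0000000000000000000000000000000000000000, // _keeperRegistrar
    50000 // _upkeepGaslimit
);
```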

Recommended Mitigation

Add `require` checks for input validation:

+require(_link != address(0), "Invalid LINK address");
+require(_keeperRegistry != address(0), "Invalid Keeper Registry");
+require(_keeperRegistrar != address(0), "Invalid Keeper Registrar");
+require(_currentMintPrice > 0, "Invalid Mint Price");
+require(_stepIncreasePerMint > 0, "Invalid Step Increase");
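
Review bot: `functionsRouter` is missing from the added checks, although the description lists it as unvalidated and the proof of concept passes it as the zero address; add a matching `require(functionsRouter != address(0), ...)` next to the `_link` check. The constructor's existing length check reverts with the custom error `WeatherNft__IncorrectLength()`, so custom errors would fit the surrounding style better than string reasons. The `> 0` checks on `_currentMintPrice` and `_stepIncreasePerMint` also rule out a free mint or a flat price, which should be stated as intended.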

Revised Constructor:

```solidity
contract WeatherNft is
    WeatherNftStore,
    ERC721,
    FunctionsClient,
    ConfirmedOwner,
    AutomationCompatibleInterface
{
    using FunctionsRequest for FunctionsRequest.Request;
    using SafeERC20 for IERC20;

    constructor(
        Weather[] memory weathers,
        string[] memory weatherURIs,
        address functionsRouter,
        FunctionsConfig memory _config,
        uint256 _currentMintPrice,
        uint256 _stepIncreasePerMint,
        address _link,
        address _keeperRegistry,
        address _keeperRegistrar,
        uint32 _upkeepGaslimit
    )
        ERC721("Weather NFT", "W-NFT")
        FunctionsClient(functionsRouter)
        ConfirmedOwner(msg.sender)
    {
        require(
            weathers.length == weatherURIs.length,
            WeatherNft__IncorrectLength()
        );
        for (uint256 i; i < weathers.length; ++i) {
            s_weatherToTokenURI[weathers[i]] = weatherURIs[i];
        }

        // Added input validation
        require(_link != address(0), "Invalid LINK address");
        require(_keeperRegistry != address(0), "Invalid Keeper Registry");
        require(_keeperRegistrar != address(0), "Invalid Keeper Registrar");
        require(_currentMintPrice > 0, "Invalid Mint Price");
        require(_stepIncreasePerMint > 0, "Invalid Step Increase");

        s_functionsConfig = _config;
        s_currentMintPrice = _currentMintPrice;
        s_stepIncreasePerMint = _stepIncreasePerMint;
        s_link = _link;
        s_keeperRegistry = _keeperRegistry;
        s_keeperRegistrar = _keeperRegistrar;
        s_upkeepGaslimit = _upkeepGaslimit;
        s_tokenCounter = 1;
    }

    // ... remainder of the contract unchanged
}
```

Updates

Appeal created

bube Lead Judge 5 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
