You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Nov 26, 2023. It is now read-only.
sherlock-admin opened this issue
May 5, 2023
· 0 comments
Labels
DuplicateA valid issue that is a duplicate of an issue with `Has Duplicates` labelMediumA valid Medium severity issueRewardA payout will be made for this issue
Wrong check in mintPlayers() function allows mint more players
Summary
Wrong check in mintPlayers() function allows mint more players
Vulnerability Detail
From the documentation, we can see that users should be able to mint 10 players.
maxGenerationId: The maximum integer generationId that can be used to mint
players. This is the number of players that can be minted per cohort. At game
launch this value will be 10.
However, the following check is incorrect, as it always allows minting 11 players instead of the intended 10.
if (generationId > _maxGenerationId) {
revertGenerationIDTooHigh(generationId, _maxGenerationId);
}
generationIds is an array. Loop begin counting from 0
uint256 generationId;
for (uint256 i =0; i < generationIds.length; ) {
Because of the first index in an array is zero the check will only revert when generationId is 11 allowing users to mint more players
Impact
User can mint more players than he should be
Code Snippet
if (generationId > _maxGenerationId) {
revertGenerationIDTooHigh(generationId, _maxGenerationId);
}
Sign up for freeto subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Labels
DuplicateA valid issue that is a duplicate of an issue with `Has Duplicates` labelMediumA valid Medium severity issueRewardA payout will be made for this issue
Phantasmagoria
medium
Wrong check in mintPlayers() function allows mint more players
Summary
Wrong check in mintPlayers() function allows mint more players
Vulnerability Detail
From the documentation, we can see that users should be able to mint 10 players.
However, the following check is incorrect, as it always allows minting 11 players instead of the intended 10.
generationIds
is an array. Loop begin counting from 0Because of the first index in an array is zero the check will only revert when generationId is 11 allowing users to mint more players
Impact
User can mint more players than he should be
Code Snippet
https://github.com/sherlock-audit/2023-04-footium/blob/main/footium-eth-shareable/contracts/FootiumAcademy.sol#L186-L188
Tool used
Manual Review
Recommendation
Change
generationId > _maxGenerationId
togenerationId >= _maxGenerationId
Duplicate of #152
The text was updated successfully, but these errors were encountered: