search

zlsecure3 / review_star

0 stars 0 forks source link

Did not check whether the table contained the related element before calling `table::borrow`. #32

Open zlsecure3 opened 1 year ago

zlsecure3 commented 1 year ago

subject

Did not check whether the table contained the related element before calling table::borrow.

description

Before borrowing the shortest_length_table and longest_length_table from the table respectively, lack of chceking to ensure these two elements are in the tables.

let shortest_length_table =&mut name_service_extension.domain_to_shortestlength;
let shortest_length = *table::borrow(shortest_length_table, domain_name);
let longest_length_table = &mut name_service_extension.domain_to_longestlength;
let longest_length = *table::borrow(longest_length_table,domain_name);

recommendation

It is suggesting that add assert function before calling table::borrow.

let shortest_length_table =&mut name_service_extension.domain_to_shortestlength;
assert!(table::contains(&shortest_length_table, domain_name), NOT_EXIST);
let shortest_length = *table::borrow(shortest_length_table, domain_name);

let longest_length_table = &mut name_service_extension.domain_to_longestlength;
assert!(table::contains(&longest_length_table, domain_name), NOT_EXIST);
let longest_length = *table::borrow(longest_length_table,domain_name);

locations

severity

Low

damage

exploitability

category

Logical

system_generated: auditor:0xac submission_id:1466824374

zlsecure3 commented 1 year ago

grading (edit)

submission_id:1466824374

review_type:GRADING

result: TBD-yes,no

rating: TBD-123

comment: TBD-Rejected,Accepted by Secure3.

severity: TBD-Critical,Medium,Low,Informational

category:

description:

zlsecure3 commented 1 year ago

client feedback (manual copy)

submission_id:1466824374

review_type:CLIENT_FEEDBACK

result: TBD-yes,no

severity: TBD-Critical,Medium,Low,Informational

comment:

zlsecure3 commented 1 year ago

client feedback decision(edit)

submission_id:1466824374

review_type:CLIENT_FEEDBACK_DECISION

result: TBD-yes,no,yes-honored,no-honored

severity: TBD-Critical,Medium,Low,Informational

comment:

zlsecure3 commented 1 year ago

client feedback decision(edit)

submission_id:1466824374

review_type:CLIENT_FEEDBACK_DECISION

result: TBD-yes,no,yes-honored,no-honored

severity: TBD-Critical,Medium,Low,Informational

comment: