Publication
Partagez vos connaissances.
Does mitigation of DoS in Section 4 Lesson 15 work correctly?
I am currently working on Section 4 Lesson 15 and addressing the PuppyRaffle::enterRaffle function. I have identified a potential issue with the second recommended mitigation of DoS.
function enterRaffle(address[] memory newPlayers) public payable {
require(msg.value == entranceFee * newPlayers.length, 'PuppyRaffle: Must send enough to enter raffle');
for (uint256 i = 0; i < newPlayers.length; i++) {
players.push(newPlayers[i]);
addressToRaffleId[newPlayers[i]] = raffleId;
}
for (uint256 i = 0; i < newPlayers.length ; i++) {
require(addressToRaffleId[newPlayers[i]] != raffleId, 'PuppyRaffle: Duplicate player');
}
}
The concern is that the duplicate check in the function will always fail due to the way addressToRaffleId[newPlayers[i]] is being set to raffleId for each new player. This results in the condition addressToRaffleId[newPlayers[i]] != raffleId never being true for new players, rendering the duplicate check ineffective.
I would like to confirm if my understanding of this issue is correct. Any insights or feedback on this matter would be greatly appreciated.
- Security
- Solidity
- Smart Contract
Réponses
1Thank you for pointing that out. While the example provided was intended to be brief, I agree that its inclusion in the recommendations section would not be advisable. Therefore, I recommend removing it from that section.
Connaissez-vous la réponse ?
Veuillez vous connecter et la partager.
Cyfrin Updraft is an education platform specializing on teaching the next generation of smart contract developers