Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Misleading secure example for 4-initialization #21

Open
oslfmt opened this issue Jul 25, 2022 · 0 comments
Open

Misleading secure example for 4-initialization #21

oslfmt opened this issue Jul 25, 2022 · 0 comments

Comments

@oslfmt
Copy link

oslfmt commented Jul 25, 2022

I believe there are couple issues with the secure example for 4-initialization attack.

  1. The discriminator field in the User struct is a misleading field name. It is not used in the code as a discriminator, in the sense that type-cosplay calls for, ie, to uniquely differentiate accounts. Further, a bool cannot even be used as a proper discriminant. It seems like the field should be renamed to is_initialized, because that is what it seems like it is being used for, an initialization flag.
  2. If the purpose of the discriminator field is indeed intended to be used as an "initialization flag", there should not be a boolean NOT operator on line 13. If user.discriminator is false, ie, uninitialized, then it should be initialized. However, the logic dictates that if it is false, then the code returns an error. If it is true (initialized), then it is reinitialized. This is the opposite of what we want I believe.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant