Invalid candidate IDs are silently dropped from the tally #25

@HellFelix

If a submitted vote contains an out-of-bounds candidate index, that selection is silently omitted from the tally. The POST /api/voter/submit call returns HTTP 200, so the voter believes their vote was accepted — but their selection was not counted. This is a data-integrity issue that directly undermines voter trust.

File: rustsystem-server/src/vote_auth.rs:45-47

} else {
    warn!("Vote contains invalid candidate id: {candidate_id}");
}

Fix: Reject the submission with an appropriate error before recording any part of the vote, or validate candidate indices before accepting.
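One way to apply the fix described above, as an added example rather than code from rustsystem-server: validate every candidate index first, then touch the tally only if the whole ballot passed. The `Tally`, `SubmitError` and `http_status` names and the 400 status code are assumptions made for illustration.

```rust
// Added illustration: names are hypothetical, not from rustsystem-server.
#[derive(Debug, PartialEq)]
pub enum SubmitError {
    InvalidCandidate { candidate_id: usize, candidates: usize },
}

pub struct Tally {
    counts: Vec<u64>,
}

impl Tally {
    pub fn new(candidates: usize) -> Self {
        Tally { counts: vec![0; candidates] }
    }

    pub fn counts(&self) -> &[u64] {
        &self.counts
    }

    /// Phase 1 validates every index; phase 2 mutates the tally only if
    /// the whole ballot passed, so a rejected ballot leaves no partial count.
    pub fn submit(&mut self, selections: &[usize]) -> Result<(), SubmitError> {
        let candidates = self.counts.len();
        if let Some(&candidate_id) = selections.iter().find(|&&id| id >= candidates) {
            return Err(SubmitError::InvalidCandidate { candidate_id, candidates });
        }
        for &id in selections {
            self.counts[id] += 1;
        }
        Ok(())
    }
}

/// Assumed status mapping (the issue only asks for "an appropriate error").
pub fn http_status(result: &Result<(), SubmitError>) -> u16 {
    match result {
        Ok(()) => 200,
        Err(SubmitError::InvalidCandidate { .. }) => 400,
    }
}

fn main() {
    let mut tally = Tally::new(3); // constructed sample: three candidates
    let ok = tally.submit(&[0, 2]);
    let bad = tally.submit(&[1, 7]); // 7 is out of bounds; 1 must not be counted
    println!("{} {:?}", http_status(&ok), ok);
    println!("{} {:?}", http_status(&bad), bad);
    println!("counts = {:?}", tally.counts());
}
```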

Labels: High (High priority), UX (Related to the user experience)