First Flight #2: Puppy Raffle

First Flight #2

Beginner FriendlyFoundryNFT

100 EXP

View results

Previous Next

Submission Details

Severity: medium

Valid

Unbounded Loops and Growing Array Length Lead to Potential DoS

nisedo

Vulnerability Details

In the PuppyRaffle contract, the functions _isActivePlayer and getActivePlayerIndex use unbounded loops to iterate over the entire players array. Since the array length is continuously increased with new players being added and never reset or reduced in size, these loops become increasingly inefficient over time:

function _isActivePlayer() internal view returns (bool) {

for (uint256 i = 0; i < players.length; i++) {

if (players[i] == msg.sender) {

return true;

}

return false;

}

function getActivePlayerIndex(address player) external view returns (uint256) {

for (uint256 i = 0; i < players.length; i++) {

if (players[i] == player) {

return i;

}

return 0;

}

Impact

Gas Limit Exceeded: As the players array continually grows, the gas required for these functions to execute increases. Eventually, this may lead to exceeding the block gas limit, causing transaction failures.
Denial of Service (DoS): The ever-increasing cost of these functions can render the contract unusable over time, as even basic operations involving player lookup become prohibitively expensive.
Scalability and Usability Issues: The lack of scalability due to the unbounded loops and growing array size significantly impacts the contract's performance and usability, deterring users from interacting with it.

Recommendations

Implement Array Size Management: Reset or limit the size of the players array to prevent unbounded growth. This could involve resetting the array after each raffle draw or implementing a maximum player limit.
Opt for Efficient Data Structures: Utilize mappings or other more efficient data structures for tracking players, which can reduce or eliminate the need for looping through large arrays.

Updates

Lead Judging Commences

Hamiltonite Lead Judge about 2 years ago

Submission Judgement Published

Validated

Assigned finding tags:

denial-of-service-in-enter-raffle

Rewards breakdown

nSLOC

143

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!