Unbounded for loops run risk of locking contract due to blocksize limits
Summary
The contract PuppyRaffle.sol uses a pattern such that players are stored in list of addresses, and then each player's location in list is looked up at runtime by iterating over the list. While this may save storage cost, this list is unbounded and as such could theoretically grow to such a size where the block gas limit would be insufficient to process functions containing these for loops, thus locking funds and preventing crucial functionality of the contract from working.
Vulnerability Details
Impact
The impact of this is medium, because while the impact is high, the chance of it happening is low. It may happen naturally if the raffle attracts a lot of entrants. Alternatively, someone may attack the contract by generating a lot of entries, but the cost to do this is quite high, and the attacker would also have their funds locked.
Tools Used
none
Recommendations
Use a mapping to store the relationship between entrants' addresses and their index or "raffle ticket number". This way, the "playerIndex" can be simply mapped in O(1) complexity, rather than O(n), this making the theoretically gas costs bounded.
Lead Judging Commences
denial-of-service-in-enter-raffle
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.