There is no upper limit on the number of raffle players; the count is incremented whenever a new player is added. As the number of players increases, the gas cost of calls to the smart contract also increases, which will eventually result in an out-of-gas revert. There is also no function to reduce the size of the array other than deleting the whole player base once a winner is selected.
In the function enterRaffle(), the for loop will execute players.length number of times. The size of the players array will also increase over time, so the contract may eventually reach a state where enterRaffle() consumes more than the available gas limit. This in turn will make the function unusable to other users.
Once the function enterRaffle() consumes more than the available gas, it will be rendered unusable and will revert every time. This means that no new players can be added to the players list; calls will instead hit an "out of gas" error or, in the worst-case scenario, the block gas limit.
An attacker may also be able to ensure that they have higher odds of winning the raffle by flooding it with their own addresses so that no new players will be able to compete with their raffle submissions.
Manual review
Consider adding an upper limit to the number of raffle participants, which also limits array growth.
The operation can also be performed up to a certain index and then continued for the remaining entries in later calls. Do not iterate over the full length of the array in a single call.
The array's length and the amount of gas left could also be checked.
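The three recommendations above combined in one sketch, added here as an illustration and not taken from the audited contract: a hard cap on entries, work over the array done in slices from a saved cursor, and a gasleft() check inside the loop. The contract name, the array-taking enterRaffle signature, MAX_PLAYERS, MIN_GAS_LEFT, processBatch and the event are all assumptions, and entrance-fee handling is left out.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration; every name and limit below is an assumption.
contract BoundedRaffle {
    uint256 public constant MAX_PLAYERS = 500;     // assumed cap; tune to measured gas cost
    uint256 public constant MIN_GAS_LEFT = 50_000; // assumed reserve needed to finish the call

    address[] public players;
    uint256 public cursor; // next index processBatch() will handle

    event PlayerProcessed(uint256 indexed index, address indexed player);
    error RaffleFull(uint256 current, uint256 requested, uint256 max);

    // The cap bounds array growth, so no loop over players can exceed MAX_PLAYERS
    // iterations and a flood of entries cannot push later callers past the gas limit.
    function enterRaffle(address[] calldata newPlayers) external {
        uint256 total = players.length + newPlayers.length;
        if (total > MAX_PLAYERS) {
            revert RaffleFull(players.length, newPlayers.length, MAX_PLAYERS);
        }
        for (uint256 i = 0; i < newPlayers.length; i++) {
            players.push(newPlayers[i]);
        }
    }

    // Per-player work is done in slices of at most maxItems instead of
    // players.length iterations in one call. The loop also stops early when
    // remaining gas drops below the reserve, and the next call resumes at cursor.
    function processBatch(uint256 maxItems) external returns (bool done) {
        uint256 remaining = players.length - cursor;
        uint256 count = maxItems < remaining ? maxItems : remaining;
        uint256 end = cursor + count;

        uint256 i = cursor;
        while (i < end && gasleft() > MIN_GAS_LEFT) {
            emit PlayerProcessed(i, players[i]); // stand-in for the real per-player operation
            i++;
        }
        cursor = i;
        return cursor == players.length;
    }
}
```

The cap and gas reserve should be chosen from gas measurements of the real per-player operation, and cursor must be reset wherever the players array is cleared.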