Submission Details
Severity: medium
Valid

`enterRaffle` function will run out of gas

Summary

The `enterRaffle` function iterates over arrays three times and will revert if they become too long.

Vulnerability Details

Looping through arrays is gas intensive. The `enterRaffle` function does this three times: once over the array passed by the user and twice over the `players` array to check for duplicates.

```solidity
function enterRaffle(address[] memory newPlayers) public payable {
    require(msg.value == entranceFee * newPlayers.length, "PuppyRaffle: Must send enough to enter raffle");
    // Loop 1: append every caller-supplied address to storage
    for (uint256 i = 0; i < newPlayers.length; i++) {
        players.push(newPlayers[i]);
    }
    // Check for duplicates
    // Loops 2 and 3: compare every pair in the whole players array
    for (uint256 i = 0; i < players.length - 1; i++) {
        for (uint256 j = i + 1; j < players.length; j++) {
            require(players[i] != players[j], "PuppyRaffle: Duplicate player");
        }
    }
}
```

Impact

If either of these arrays is or becomes too large, the call will run out of gas. If a user passes an array of addresses to enter and it is too long, they will have to split it into multiple function calls. But once the `players` array becomes too long, no new players will be able to enter the raffle.

Tools Used

Manual Review

Recommendations

Only allow players to enter themselves into the raffle and track their entry with a bool. This would also disallow users from registering unwilling accounts into the raffle.
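
A sketch of this recommendation, added here as an example and not taken from the PuppyRaffle code base: each caller enters only themselves, and a per-round `bool` mapping replaces the nested duplicate loop with a constant-cost lookup. The contract name, `raffleId`, `hasEntered`, `roundPlayers` and `_startNextRound` are hypothetical, and keying by round is an assumption made so that no array or mapping has to be cleared between raffles.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration only; all names below are hypothetical.
contract RaffleEntrySketch {
    uint256 public immutable entranceFee;
    uint256 public raffleId; // current round, incremented when a round ends

    // round => player => entered. Duplicate check is one storage read,
    // so its gas cost does not grow with the number of players.
    mapping(uint256 => mapping(address => bool)) public hasEntered;

    // round => entrants, kept only so a winner can be picked by index.
    // A fresh array per round avoids an unbounded `delete` on reset.
    mapping(uint256 => address[]) private roundPlayers;

    event Entered(uint256 indexed raffleId, address indexed player);

    constructor(uint256 _entranceFee) {
        entranceFee = _entranceFee;
    }

    // No address[] parameter: msg.sender is the only account that can be
    // registered, so nobody can enter an unwilling third party.
    function enterRaffle() external payable {
        require(msg.value == entranceFee, "Must send exact entrance fee");
        require(!hasEntered[raffleId][msg.sender], "Duplicate player");

        hasEntered[raffleId][msg.sender] = true;
        roundPlayers[raffleId].push(msg.sender);
        emit Entered(raffleId, msg.sender);
    }

    function playerCount() external view returns (uint256) {
        return roundPlayers[raffleId].length;
    }

    // Assumed hook: called by the winner-selection logic (not shown)
    // once the round is settled. Old entries stay under the old id.
    function _startNextRound() internal {
        raffleId++;
    }
}
```

With this shape, entering costs the same for the first player and the ten-thousandth, so a long `players` list can no longer block new entries.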

Updates

Lead Judging Commences

Hamiltonite Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

denial-of-service-in-enter-raffle
