First Flight #2: Puppy Raffle
First Flight #2
Beginner FriendlyFoundryNFT
100 EXP
View results
Previous Next
Submission Details
Severity: medium
Valid

Duplicate checks in `PuppyRaffle::enterRaffle` causes a potential DOS attack

Kelvineth

Summary

The enterRaffle function has a nested loop to check for duplicate addresses on Line-85 This could potentially cause a DOS attack.

Vulnerability Details

This results in time complexity. If the players array is large, this could lead to a very high gas limitation, making the contract less usable and potentially vulnerable to DOS attacks

// Check for duplicates
for (uint256 i = 0; i < players.length - 1; i++) {
for (uint256 j = i + 1; j < players.length; j++) {
require(players[i] != players[j], "PuppyRaffle: Duplicate player");
}
}
emit RaffleEnter(newPlayers);

Proof of Concept

  • Set up code in Remix

  • Call enterRaffle function with an Empty Array

Note that the transaction cause the protocol to freeze and revert on an out of gas error

Impact

Implications

Passing the above tests implies that the vulnerability:

  • it could lead to lost of funds if the gas exceeds it limit, though fees will still be paid.

  • it can lead to an in increase gas cost.

Tools Used

  • Remix

Recommendations

To fix this bug, add a require statement that only allows the owner to successfully call the setPassword() function.

function setPassword(string memory newPassword) external {
+ require(msg.sender == s_owner, "Caller not owner!"); // Add this line
s_password = newPassword;
emit SetNetPassword();
}

Updates

Lead Judging Commences

Hamiltonite Lead Judge about 2 years ago
Submission Judgement Published
Validated
Assigned finding tags:

denial-of-service-in-enter-raffle

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!