The fulfillRandomWords function in the provided Vyper contract can revert on a modulo by zero. The issue is not an arithmetic underflow: the function uses the modulus operator (%) with the length of the players array as the divisor without first checking that the array is non-empty, and in Vyper `x % 0` reverts the call just like a division by zero.
Here is the vulnerable code:
index_of_winner: uint256 = random_words[0] % len(self.players)
If triggered, this leads to unexpected behavior of the contract. Whenever the random words are delivered while the players array is empty, the modulo by zero reverts fulfillRandomWords, disrupting its normal operation and potentially leading to a denial of service.
To mitigate this, add a check that the players array is not empty before the modulo operation. The refactored code (see the github link) adds such an assertion; if the players array is empty, the call reverts with the message “No players in the raffle”. This replaces the opaque modulo-by-zero revert with an explicit, documented one. It does not by itself keep the callback from failing, so the raffle should also refuse to request randomness while there are no players.
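The following is an added illustration, not the audited contract or its refactored version from the github link. It shows the vulnerable winner selection beside the hardened one and a fulfillRandomWords body that uses the hardened form. The storage layout, the 1000-player cap, the split into internal helpers and the payout logic are assumptions for the example.

```vyper
# @version ^0.3.7
# Added example (not the audited contract). Storage layout, player cap,
# helper split and payout logic are assumptions for illustration.

players: DynArray[address, 1000]
recent_winner: address

@internal
@view
def _pick_winner_unchecked(random_words: DynArray[uint256, 1]) -> uint256:
    # Vulnerable form: when len(self.players) == 0 the divisor is zero and
    # the modulo reverts the whole call with no useful reason string.
    return random_words[0] % len(self.players)

@internal
@view
def _pick_winner(random_words: DynArray[uint256, 1]) -> uint256:
    # Hardened form: refuse to proceed with an explicit reason instead of
    # failing with a bare modulo-by-zero revert.
    assert len(self.players) > 0, "No players in the raffle"
    return random_words[0] % len(self.players)

@internal
def fulfillRandomWords(request_id: uint256, random_words: DynArray[uint256, 1]):
    # Use the checked helper; the unchecked one above is kept only to show
    # the vulnerable line side by side with its fix.
    index_of_winner: uint256 = self._pick_winner(random_words)
    winner: address = self.players[index_of_winner]
    self.recent_winner = winner
    # Reset the raffle and pay out the contract balance to the winner.
    self.players = []
    send(winner, self.balance)
```

Both helpers revert on an empty array; the difference is that the checked one tells the operator why. Since the callback still cannot succeed without players, the request path (where randomness is requested) should carry the same `len(self.players) > 0` check so that a fulfillment is never requested that is guaranteed to fail.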