First Flight #13: Baba Marta
First Flight #13
Beginner FriendlyFoundryGameFi
100 EXP
View results
Previous Next
Submission Details
Severity: medium
Valid

`stopEvent` does not clean all variable, breaking the protocol

n0kto

Description

MartenitsaEvent::stopEvent ends an event. However, it does not clean/reset this 3 variables:

  • participants array.

  • _participants mapping.

  • producers array.

When a new event will be launched, all these variables will contains the previous event data.
Here is several unexpected behavior:

  • Users won't be able to participate anymore due to this line in joinEvent: require(!_participant[msg.sender],"You have already joined the event");

  • After several events, participants array will become too big and the loop in stopEvent will revert before finishing (out-of-gas / exceeding block gas limit)

  • After several event, producers array will be huge and the getAllProducers function will revert returning it.

function stopEvent() external onlyOwner {
require(block.timestamp >= eventEndTime, "Event is not ended");
for (uint256 i = 0; i < participants.length; i++) {
isProducer[participants[i]] = false;
}
}

Risk

Likelyhood: High

  • From the second event and for all others

Impact: High

  • Previous participants cannot join new events

  • stopEvent will revert after some events leading all the users to stay producers

Recommended Mitigation

  • Clean also the _participants mapping, delete the participants array in stopEvent function.

  • Don't push any participant in the producers array since the same data is in the participants array.

Updates

Lead Judging Commences

bube Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

_participants is not updated

Producers array not updated

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.