President Elector

First Flight #24
Beginner FriendlyFoundry
100 EXP
View results
Submission Details
Severity: low
Invalid

Lack of Validation in Recursive Selection

Summary

the recursive function _selectPresidentRecursive may loop indefinitely, eventually causing a stack overflow and transaction failure.

Vulnerability Details

The recursive `src/RankedChoice::_selectPresidentRecursive function assumes that at least one candidate remains at each step.If somehow the function is called with an empty candidateList, it would cause an infinite recursion or unexpected behavior.

Impact

Election process would fail, and the contract could become stuck in an unusable state until the issue is manually resolved.

Tools Used

Manual Review

Recommendations

Add a validation check to ensure that the candidate list is never empty.

function _selectPresidentRecursive(
address[] memory candidateList,
uint256 roundNumber
) internal returns (address[] memory) {
if (candidateList.length == 0) {
revert RankedChoice__SomethingWentWrong();
}
if (candidateList.length == 1) {
return candidateList;
}
// Continue the recursive logic...
}
Updates

Lead Judging Commences

inallhonesty Lead Judge 9 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

[INVALID] `_selectPresidentRecursive` can be called with a 0 `candidateList`

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.