No Upper Bound for Candidate Votes (Out of Gas Risk)
Summary
The selectPresident function iterates through all voters and candidates, which can lead to excessive gas usage if the candidate list grows too large. This can result in out-of-gas errors or inefficient execution.
Vulnerability Details
The selectPresident function iterates through all voters and candidates to tally votes. If the number of candidates grows too large, especially after multiple rounds of voting, this can lead to excessive gas usage. This is particularly concerning if the candidateList is large or grows over time.
Impact
This could prevent the election from being completed, blocking the selection of a new president and rendering the contract unusable during such elections.
Tools Used
Manual
Recommendations
Enforce a maximum limit on the number of candidates that can participate in any single election. This ensures that the candidate list remains manageable and avoids excessive gas usage.
}
Lead Judging Commences
A high number of candidates could cause an OOG
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.