Description: The _selectPresidentRecursive function uses recursion to process candidates, which could lead to hitting the gas limit if there are a large number of candidates or voters. This could result in a denial of service, preventing the function from completing successfully.
Impact:
Denial of Service (DoS): If the number of candidates or voters is large, the recursive calls could consume all available gas, causing the transaction to fail. This would prevent the election process from completing, potentially halting the selection of a new president.
Proof of Concept: While a direct proof of concept in Solidity is challenging due to gas limits, the issue can be illustrated by attempting to process a large number of candidates or voters, leading to out-of-gas errors.
Recommended Mitigation:
Iterative Approach: Replace the recursive logic with an iterative approach to avoid deep call stacks and excessive gas consumption.
Batch Processing: If the number of candidates or voters is expected to be very large, consider processing them in smaller batches over multiple transactions.
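The two mitigations above can be combined, as in this added sketch (not code from the audited contract): an elimination loop replaces the recursion, and each transaction runs a capped number of rounds with progress kept in storage. The contract name, constants and fixed per-candidate tallies are assumptions made for illustration; a real ranked-choice count would recompute tallies each round.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.24;

/// Hypothetical illustration: iterative, batched elimination with bounded gas per call.
contract BatchedElimination {
    uint256 public constant MAX_CANDIDATES = 50;    // assumed cap, bounds the cost of one round
    uint256 public constant MAX_ROUNDS_PER_TX = 10; // assumed cap, bounds the rounds per call

    address[] private remaining;                // candidates still in the race
    mapping(address => uint256) private votes;  // tally per candidate (simplified: fixed)
    address public winner;

    constructor(address[] memory candidates, uint256[] memory tallies) {
        require(candidates.length > 0 && candidates.length <= MAX_CANDIDATES, "bad candidate count");
        require(candidates.length == tallies.length, "length mismatch");
        for (uint256 i = 0; i < candidates.length; i++) {
            remaining.push(candidates[i]);
            votes[candidates[i]] = tallies[i];
        }
    }

    /// Runs at most MAX_ROUNDS_PER_TX elimination rounds.
    /// Call repeatedly until it returns true; state persists between calls.
    function processBatch() external returns (bool done) {
        require(winner == address(0), "election finished");
        uint256 rounds = 0;
        // Loop instead of recursion: no growing call stack, work per call is capped.
        while (remaining.length > 1 && rounds < MAX_ROUNDS_PER_TX) {
            uint256 lowest = 0;
            for (uint256 i = 1; i < remaining.length; i++) {
                if (votes[remaining[i]] < votes[remaining[lowest]]) lowest = i;
            }
            // Swap-and-pop removes the eliminated candidate in O(1).
            remaining[lowest] = remaining[remaining.length - 1];
            remaining.pop();
            rounds++;
        }
        if (remaining.length == 1) {
            winner = remaining[0];
            return true;
        }
        return false;
    }
}
```

With both caps in place, the worst-case gas of a single call is proportional to MAX_ROUNDS_PER_TX × MAX_CANDIDATES rather than to the total election size.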