There is a limit on the number of candidates one voter can rank, but there is no limit on the total number of candidates. This could lead to the contract running out of gas and a potential DoS attack.
Suppose there are 100 voters in the VOTERS array. There is a limit of 10 candidates per orderedCandidates list. Suppose those 100 voters all have a different set of 10 candidates that they want to rank for President. This would lead to the contract running out of gas, as it would call the recursive function _selectPresidentRecursive 1000 times, and each function call would execute a nested loop. This would lead to an unimaginably high gas cost, and the contract would revert every single call made to it, beginning with the selectPresident call that triggers the tremendous gas expenditure.
This is a test function showing that reaching the contract's gas limit is quite possible:
This is a snippet of the output proving that the contract is out of gas:
Potential DoS attack, or exhaustion of the contract's gas, making the contract unusable.
Manual Review, Foundry
Add a limit to the total number of candidates allowed in the elections and try to avoid recursive functions and nested loops.
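The 100-voter scenario and the recommended cap on total candidates, as an added Python cost model (not the contest's contract or the submitter's Foundry test). It assumes each selection round eliminates one candidate and scans every ballot against the remaining candidate list; all function names and the cap value of 20 are hypothetical.

```python
# Added cost model; not the audited contract's code. Names are hypothetical.
MAX_CHOICES = 10  # per-voter ranking limit stated in the finding

def register_ballots(ballots, max_total=None):
    """Accept ballots; if max_total is set, reject any ballot that would push
    the number of distinct candidates past the cap (the recommended limit)."""
    seen, accepted = set(), []
    for ballot in ballots:
        if len(ballot) > MAX_CHOICES:
            raise ValueError("ballot ranks more than MAX_CHOICES candidates")
        new = set(ballot) - seen
        if max_total is not None and len(seen) + len(new) > max_total:
            continue  # on-chain, this ballot's transaction would revert
        seen |= new
        accepted.append(list(ballot))
    return accepted, sorted(seen)

def select_president(ballots, candidates):
    """Assumed shape of the selection: one round per eliminated candidate,
    each round scanning every ballot against the remaining candidates.
    Returns (winner, rounds, steps)."""
    remaining, rounds, steps = list(candidates), 0, 0
    while len(remaining) > 1:
        rounds += 1
        votes = {c: 0 for c in remaining}
        for ballot in ballots:            # loop over voters
            for choice in ballot:         # loop over that voter's ranking
                steps += len(remaining)   # charged as a linear scan of the list
                if choice in votes:
                    votes[choice] += 1
                    break
        loser = min(remaining, key=lambda c: (votes[c], c))
        remaining.remove(loser)
    return remaining[0], rounds, steps

def scenario(voters, max_total=None):
    # Constructed input: every voter ranks 10 candidates nobody else ranks.
    ballots = [[v * MAX_CHOICES + i for i in range(MAX_CHOICES)] for v in range(voters)]
    accepted, candidates = register_ballots(ballots, max_total)
    return select_president(accepted, candidates)

if __name__ == "__main__":
    print("uncapped:", scenario(100))        # 1000 distinct candidates
    print("cap 20:  ", scenario(100, 20))    # only the first 20 candidates admitted
```

The step counter is a proxy for loop iterations, not a gas figure; it shows how the work grows with the number of distinct candidates and how a cap bounds it.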