Description:
The batch functions in `AaveDIVAWrapper` perform external calls inside a for loop and take dynamic arrays as parameters. This may result in a DoS if a dynamic array is long enough that processing it reaches and exceeds the block gas limit.
Impact:
The batch functions in AaveDIVAWrapper pose a Denial of Service (DoS) risk due to their use of external calls within a loop while processing dynamic arrays. If a user provides an array large enough to exceed the gas limit, the transaction will consistently fail, making the function unusable. This could disrupt protocol operations, prevent users from executing valid batch transactions, and lead to unnecessary gas wastage.
Proof of Concept:
1. The attacker constructs a large input array
- The attacker prepares a dynamic array with an extremely high number of elements, ensuring that the loop processing these elements exceeds the gas limit.
2. The attacker calls a vulnerable batch function
- The attacker executes a batch function (e.g., batchExecute(...)) in AaveDIVAWrapper, passing the oversized array as an argument.
3. The function starts processing the array in a loop
- The smart contract begins iterating through the array and making external calls within each iteration.
4. Gas consumption grows until it exceeds the block gas limit
- As the loop executes, gas usage increases significantly until it surpasses the maximum allowed by the network, forcing a transaction failure.
5. DoS condition is achieved
- The batch function cannot be executed by any user if the input is too large, making legitimate transactions fail when reaching the gas limit.
Recommended Mitigation:
1. Set a reasonable limit on array size to prevent excessive gas usage.
2. Implement gas-aware batching, allowing partial processing and continuation in subsequent transactions.
3. Use off-chain batching solutions where feasible to minimize gas-intensive on-chain operations.
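As an added illustration of mitigations 1 and 2 (example code, not the wrapper's own), a hypothetical contract that caps the array length and stops the loop early when gas runs low, returning how many items were processed so the caller can resubmit the remainder. `IExternalTarget`, `MAX_BATCH_SIZE` and `GAS_RESERVE` are assumed placeholders, not values from AaveDIVAWrapper.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Hypothetical target of the per-item external call (placeholder
/// interface, not part of AaveDIVAWrapper).
interface IExternalTarget {
    function process(uint256 item) external;
}

contract BoundedBatch {
    /// Mitigation 1: hard upper bound on items per call (assumed value).
    uint256 public constant MAX_BATCH_SIZE = 50;

    /// Mitigation 2: gas that must remain before starting another item,
    /// covering one external call plus the bookkeeping after the loop.
    /// Assumed value; tune against the measured per-item cost.
    uint256 public constant GAS_RESERVE = 60_000;

    IExternalTarget public immutable target;

    error BatchTooLarge(uint256 provided, uint256 max);
    event BatchProgress(uint256 processed, uint256 total);

    constructor(IExternalTarget target_) {
        target = target_;
    }

    /// Processes `items` in order and returns how many were handled.
    /// A return value smaller than `items.length` means the caller should
    /// resubmit the remaining slice in a new transaction.
    function batchProcess(uint256[] calldata items)
        external
        returns (uint256 processed)
    {
        if (items.length > MAX_BATCH_SIZE) {
            revert BatchTooLarge(items.length, MAX_BATCH_SIZE);
        }

        for (processed = 0; processed < items.length; processed++) {
            // Stop before gas runs out so the work done so far is kept
            // instead of the whole transaction reverting out of gas.
            if (gasleft() < GAS_RESERVE) break;
            target.process(items[processed]);
        }

        emit BatchProgress(processed, items.length);
    }
}
```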