Potential Denial of Service (DoS) vulnerability in the expel function of the LevelOne smart contract due to unbounded linear iteration through the listOfStudents array.
The expel(address _student) function in the LevelOne contract iterates through the listOfStudents array to locate the student to be expelled. As the number of enrolled students grows, the gas cost of this operation increases linearly with the size of the array. If listOfStudents becomes sufficiently large, a legitimate call by the principal to expel a student could exceed the block gas limit, making the expel function unusable. While the isStudent mapping allows constant-time checks of a student's enrollment status, the array iteration needed for removal remains a gas bottleneck.
Denial of Service (DoS): The expel function can become unusable for the principal if the number of students is large, preventing necessary administrative actions.
Increased Gas Costs: Legitimate calls to expel will consume more gas than necessary, especially with a large number of students.
Manual code review and analysis.
Perform the lookup in batches, where the caller specifies a range of students to examine during a single call.
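A sketch of the batched lookup recommended above, as an added example that is not the LevelOne source. Only listOfStudents, isStudent, the principal role and the purpose of expel come from the finding; the contract name, enroll, expelInRange, the custom errors and the swap-and-pop removal are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not the audited contract. Names other than
// listOfStudents, isStudent and principal are hypothetical.
contract BatchedExpelSketch {
    address public immutable principal;
    address[] public listOfStudents;
    mapping(address => bool) public isStudent;

    error NotPrincipal();
    error NotAStudent();
    error BadRange();

    constructor() {
        principal = msg.sender;
    }

    // Hypothetical enrollment helper so the sketch is self-contained.
    function enroll(address _student) external {
        if (msg.sender != principal) revert NotPrincipal();
        if (isStudent[_student]) return;
        isStudent[_student] = true;
        listOfStudents.push(_student);
    }

    // Scans only indices [start, end), so gas per call is bounded by the
    // window the principal chooses rather than by the array length.
    // Returns false when the student is not in the window; the principal
    // then repeats the call with the next window.
    function expelInRange(address _student, uint256 start, uint256 end)
        external
        returns (bool removed)
    {
        if (msg.sender != principal) revert NotPrincipal();
        if (!isStudent[_student]) revert NotAStudent(); // O(1) check first
        uint256 len = listOfStudents.length;
        if (end > len) end = len; // clamp the window to the array
        if (start >= end) revert BadRange();
        for (uint256 i = start; i < end; i++) {
            if (listOfStudents[i] == _student) {
                listOfStudents[i] = listOfStudents[len - 1]; // swap with last
                listOfStudents.pop(); // O(1) removal, order not preserved
                isStudent[_student] = false;
                return true;
            }
        }
        return false;
    }
}
```

Because the array only changes when an expulsion succeeds, windows from earlier unsuccessful calls stay valid. The index can also be located beforehand with read-only calls to the public listOfStudents getter, so the state-changing call needs only a narrow range.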
Unbounded loops in student lists could result in high gas usage when trying to expel a student when students are plenty. This could result in a possible DoS.