BriVault

First Flight #52
Severity: medium
Valid

Potential DoS preventing the winner's withdrawal if the number of participants is too large

Root + Impact

Description

  • If the number of participants in the tournament is too large, the winner may not be able to withdraw their winning reward

    function _getWinnerShares() internal returns (uint256) {
        // @audit DoS: unbounded loop over every participant
        for (uint256 i = 0; i < usersAddress.length; ++i) {
            address user = usersAddress[i];
            totalWinnerShares += userSharesToCountry[user][winnerCountryId];
        }
        return totalWinnerShares;
    }

Risk

Likelihood: Medium

  • If a loop processes too many items or contains heavy computations, it may run out of gas, causing the transaction to fail and revert all changes made during its execution.

Impact:

  • For example, if 10000 players join the tournament, the loop in the _getWinnerShares() function will run out of gas and the withdraw transaction will be reverted

  • Winners may not be able to claim their winning reward

Proof of Concept

Recommended Mitigation

  • Limiting the number of participants in a tournament may help resolve this DoS issue
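A sketch of the recommended cap, as an added example that is not BriVault's own code. It also goes one step beyond the report by keeping a running per-country total so the loop disappears entirely. `MAX_PARTICIPANTS`, `join()`, `setWinner()`, `owner`, `joined` and `totalSharesForCountry` are hypothetical names; only `usersAddress`, `userSharesToCountry`, `winnerCountryId` and `totalWinnerShares` come from the finding.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not BriVault's code. Shares are passed in directly to keep
// the sketch short; a real vault would derive them from the deposit.
contract BoundedWinnerShares {
    uint256 public constant MAX_PARTICIPANTS = 500; // assumed cap; pick it from measured gas use

    address public immutable owner;
    address[] public usersAddress;
    mapping(address => bool) public joined;
    mapping(address => mapping(uint256 => uint256)) public userSharesToCountry;
    mapping(uint256 => uint256) public totalSharesForCountry; // running total per country

    uint256 public winnerCountryId;
    uint256 public totalWinnerShares;
    bool public winnerSet;

    error NotOwner();
    error TournamentFull();
    error AlreadyJoined();
    error WinnerAlreadySet();

    constructor() {
        owner = msg.sender;
    }

    // Mitigation from the report: reject joins past a fixed cap, so any code that
    // still iterates usersAddress has a known worst-case gas cost.
    function join(uint256 countryId, uint256 shares) external {
        if (winnerSet) revert WinnerAlreadySet();
        if (joined[msg.sender]) revert AlreadyJoined();
        if (usersAddress.length >= MAX_PARTICIPANTS) revert TournamentFull();

        joined[msg.sender] = true;
        usersAddress.push(msg.sender);
        userSharesToCountry[msg.sender][countryId] = shares;
        totalSharesForCountry[countryId] += shares; // constant-cost bookkeeping
    }

    // Replaces the loop in _getWinnerShares(): one storage read, whatever the
    // number of participants, so a withdrawal cannot be priced out by array growth.
    function setWinner(uint256 countryId) external {
        if (msg.sender != owner) revert NotOwner();
        if (winnerSet) revert WinnerAlreadySet();
        winnerSet = true;
        winnerCountryId = countryId;
        totalWinnerShares = totalSharesForCountry[countryId];
    }
}
```

If users can change or cancel their pick before the winner is set, the running total has to be decremented in the same transaction, otherwise it drifts from the per-user mapping.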

Updates

Appeal created

bube Lead Judge 21 days ago
Submission Judgement Published
Validated
Assigned finding tags:

Unbounded Loop in _getWinnerShares Causes Denial of Service

The _getWinnerShares() function is intended to iterate through all users and sum their shares for the winning country, returning the total.
