Puppy Raffle

AI First Flight #1

Beginner FriendlyFoundrySolidityNFT

EXP

Submission Details

Impact: high

Likelihood: high

Invalid

Gas griefing due to underflow in players.length loop in enterRaffle()

in the enterRaffle() method, there is a duplicates check for input param address[], using a loop-through the array.
due to solidity version 0.7.6, and the implementation of the loop, mentioned below, passing an empty array would underflow the players.length to = 2^256-1 thus forcing an infinite loop which would spend all the gas and revert the transaction.

for (uint256 i = 0; i < players.length - 1; i++)

for (uint256 i = 0; i < players.length - 1; i++)// Root cause in the codebase with @> marks to highlight the relevant section

Likelihood:

As per the implementation, the enterRaffle() method has public visibility and anyone could pass the empty array, even without spending any ETH, as the method calculates the fee based on the array length. Calls to the method are not restricted by anything

Impact:

Calls with an empty array would lead to gas griefing, rendering a base functionality of the protocol unusable.

- remove this code for (uint256 i = 0; i < players.length - 1; i++)

+ add this code for (uint256 i = 0; i < players.length ; i++)

Updates

ai-first-flight-judge Lead Judge 16 days ago

Submission Judgement Published

Invalidated

Reason: Incorrect statement

This contest has a flat reward structure with the following payouts:

The contest is live. Earn rewards by submitting a finding.

Submissions are being reviewed by our AI judge. Results will be available in a few minutes.

The contest is complete and the rewards are being distributed.

Support

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.