The SherX.getTotalSherXUnminted function iterates over all elements of the tokensStaker array.
Impact
The transactions could fail if the arrays get too big and the transaction would consume more gas than the block limit.
This will then result in a denial of service for the desired functionality and break core functionality.
The severity is low as only governance can whitelist these tokens but not the protocols themselves.
Handle
cmichel
Vulnerability details
The
SherX.getTotalSherXUnmintedfunction iterates over all elements of thetokensStakerarray.Impact
The transactions could fail if the arrays get too big and the transaction would consume more gas than the block limit. This will then result in a denial of service for the desired functionality and break core functionality.
The severity is low as only governance can whitelist these tokens but not the protocols themselves.
Recommendation
Keep the array size small.