The LibPool.payOffDebtAll function iterates over all elements of the ps.protocols array.
Impact
The transactions could fail if the arrays get too big and the transaction would consume more gas than the block limit.
This will then result in a denial of service for the desired functionality and break core functionality.
The severity is low as only governance can whitelist protocols per token but not the protocols themselves.
Handle
cmichel
Vulnerability details
The
LibPool.payOffDebtAll
function iterates over all elements of theps.protocols
array.Impact
The transactions could fail if the arrays get too big and the transaction would consume more gas than the block limit. This will then result in a denial of service for the desired functionality and break core functionality.
The severity is low as only governance can whitelist protocols per token but not the protocols themselves.
Recommendation
Keep the array size small.