There is no limit to the number of shareholders. It is therefore possible to set a large number of shareholders such that _sendFees() will run out of gas when adding shares to each shareholder.
This will cause denial of service to all NestedFactory functions, especially the ones that will remove funds like withdraw() and destroy().
Recommended Mitigation Steps
It would be best to set a sanity maximum number of shareholders that can be added.
Handle
GreyArt
Vulnerability details
Impact
There is no limit to the number of shareholders. It is therefore possible to set a large number of shareholders such that
_sendFees()
will run out of gas when adding shares to each shareholder. This will cause denial of service to all NestedFactory functions, especially the ones that will remove funds likewithdraw()
anddestroy()
.Recommended Mitigation Steps
It would be best to set a sanity maximum number of shareholders that can be added.