Closed code423n4 closed 1 year ago
https://github.com/code-423n4/2023-06-stader/blob/main/contracts/PermissionedNodeRegistry.sol#L227
There is no way out of the loop if operator not active.
do { if (!operatorStructById[i].active) { continue; } uint256 remainingCapacity = validatorPerOperatorGreaterThanZero ? remainingOperatorCapacity[i] : getOperatorQueuedValidatorCount(i); uint256 newSelectedCapacity = Math.min(remainingCapacity, remainingValidatorsToDeposit); selectedOperatorCapacity[i] += newSelectedCapacity; remainingValidatorsToDeposit -= newSelectedCapacity; i = (i % totalOperators) + 1; if (remainingValidatorsToDeposit == 0) { operatorIdForExcessDeposit = i; break; } } while (i != operatorIdForExcessDeposit);
The check
if (!operatorStructById[i].active) { continue; }
is the first thing in the while loop.
Error
Picodes marked the issue as duplicate of #155
Picodes marked the issue as unsatisfactory: Out of scope
Lines of code
https://github.com/code-423n4/2023-06-stader/blob/main/contracts/PermissionedNodeRegistry.sol#L227
Vulnerability details
Impact
There is no way out of the loop if operator not active.
Proof of Concept
The check
is the first thing in the while loop.
Assessed type
Error