Open code423n4 opened 12 months ago
asselstine marked the issue as sponsor confirmed
There is a small chance of wasted gas due to this search never ending, but the report doesn't dig into the potential impact of this finding. Downgrading to Low.
Picodes changed the severity to QA (Quality Assurance)
Picodes marked the issue as grade-a
Lines of code
https://github.com/GenerationSoftware/pt-v5-prize-pool/blob/4bc8a12b857856828c018510b5500d722b79ca3a/src/libraries/DrawAccumulatorLib.sol#L454-L456
Vulnerability details
Impact
The binarySearch does not check for overlap between the left and right index of the sliding window, and loops indefinitely when satisfies item not exists in list until revert or gas is exhausted.
Proof of Concept
According to the code only
targetAtOrAfter &&_targetLastClosedDrawId <= afterOrAtDrawId
can break loop, if no element in the list meets the condition, it loops indefinitely until the array index overflows or exhausts gasTools Used
Manual review
Recommended Mitigation Steps
Should check
leftSide > rightSide
to break the loopAssessed type
Loop