code-423n4 / 2023-11-kelp-findings


Depositing functionality may become unavailable #466

Closed c4-submissions closed 11 months ago

c4-submissions commented 11 months ago

Lines of code

https://github.com/code-423n4/2023-11-kelp/blob/main/src/LRTConfig.sol#L80-L89

Vulnerability details

Impact

The _addNewSupportedAsset() function adds a new asset to the supportedAssetList array. The problem is that this array is always increasing. It cannot be decreased. This means that a risk of DoS exists because this array is used in the getRSETHPrice() function. If too many items are added to supportedAssetList, then the loop in getRSETHPrice() may run out of gas.

Proof of Concept

function _addNewSupportedAsset(address asset, uint256 depositLimit) private {
    UtilLib.checkNonZeroAddress(asset);
    if (isSupportedAsset[asset]) {
        revert AssetAlreadySupported();
    }
    isSupportedAsset[asset] = true;
    supportedAssetList.push(asset);
    depositLimitByAsset[asset] = depositLimit;
    emit AddedNewSupportedAsset(asset, depositLimit);
}

Tools Used

Manual Review

Recommended Mitigation Steps

Add a function that can remove items from the array.

Assessed type

DoS
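The mitigation recommended in the report above, sketched as an added example (not part of the original submission and not Kelp's LRTConfig code): a registry whose asset list can shrink via swap-and-pop and is also capped, so any loop over it has a bounded cost. The contract name, `removeSupportedAsset`, `indexOfAsset`, `MAX_SUPPORTED_ASSETS`, its value of 16 and the single-admin model are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.21;

/// Added illustration, not Kelp's LRTConfig. Only isSupportedAsset, supportedAssetList and
/// depositLimitByAsset come from the report; every other name here is hypothetical.
contract SupportedAssetRegistry {
    error NotAdmin();
    error ZeroAddress();
    error AssetAlreadySupported();
    error AssetNotSupported();
    error TooManyAssets();

    uint256 public constant MAX_SUPPORTED_ASSETS = 16; // assumed cap, bounds every loop
    address public immutable admin;

    mapping(address => bool) public isSupportedAsset;
    mapping(address => uint256) public depositLimitByAsset;
    mapping(address => uint256) private indexOfAsset; // position in supportedAssetList
    address[] public supportedAssetList;

    constructor() { admin = msg.sender; }

    modifier onlyAdmin() {
        if (msg.sender != admin) revert NotAdmin();
        _;
    }

    function addSupportedAsset(address asset, uint256 depositLimit) external onlyAdmin {
        if (asset == address(0)) revert ZeroAddress();
        if (isSupportedAsset[asset]) revert AssetAlreadySupported();
        if (supportedAssetList.length >= MAX_SUPPORTED_ASSETS) revert TooManyAssets();
        isSupportedAsset[asset] = true;
        indexOfAsset[asset] = supportedAssetList.length;
        supportedAssetList.push(asset);
        depositLimitByAsset[asset] = depositLimit;
    }

    /// Swap-and-pop: O(1) removal that keeps the array dense (order is not preserved).
    function removeSupportedAsset(address asset) external onlyAdmin {
        if (!isSupportedAsset[asset]) revert AssetNotSupported();
        uint256 idx = indexOfAsset[asset];
        address last = supportedAssetList[supportedAssetList.length - 1];
        supportedAssetList[idx] = last; // move the last entry into the freed slot
        indexOfAsset[last] = idx;
        supportedAssetList.pop();
        delete isSupportedAsset[asset];
        delete indexOfAsset[asset]; // also clears the entry when asset == last
        delete depositLimitByAsset[asset];
    }
}
```

A real removal path also has to decide what happens to balances already deposited in the removed asset, which this sketch does not address.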

c4-pre-sort commented 11 months ago

raymondfam marked the issue as insufficient quality report

c4-pre-sort commented 11 months ago

raymondfam marked the issue as duplicate of #59

c4-judge commented 10 months ago

fatherGoose1 marked the issue as unsatisfactory: Invalid