Open hats-bug-reporter[bot] opened 1 year ago
Thanks for the report. I do not believe this can lead to a DoS since the _batchUpdate function is only used in claimReward and claimAllRewards. If they do enter too many assets and it leads to OOG, they can simply call the claimAllRewards function again with less assets. No other users will be affected.
This isn't considered a gas griefing attack. Those attacks are when using .call to call another contract, since .call does not enforce that the call has enough gas to finish the subcall.
Please provide more details if you would like to further discuss.
Github username: @rodiontr
Submission hash (on-chain): 0x804931a60cdcc85e36a48c79bd4dff93c5f470e2476a17c06587ace17dfb61fe
Severity: medium severity
Description:
Vulnerability Report
Description
In DistributionManager.sol, there is an internal function that takes a memory array of the user's assets as a user-input parameter. It can potentially lead to a DoS attack, as having an array as a memory parameter in an internal function creates a complete copy of it, and if it grows too big it can lead to memory corruption.

Attack Scenario
User can provide an array that can grow and create memory corruption.

Recommendation: enforce array size limit
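Added example, not code from DistributionManager.sol or from either participant in this thread, illustrating the pattern under discussion: an internal function with a `memory` array parameter copies the caller's own array, so the gas cost (and any out-of-gas revert) lands on that caller alone, while a `calldata` parameter avoids the copy and a length cap makes the worst case explicit. The contract name `RewardsVault`, the constant `MAX_ASSETS` and the accounting in `_updateOne` are hypothetical stand-ins.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Illustrative contract (hypothetical; not DistributionManager.sol). It shows the
/// two points raised in the thread: a `memory` array parameter on an internal
/// function forces a copy whose cost scales with the caller's own input, and a
/// length cap (the report's recommendation) bounds that cost up front.
contract RewardsVault {
    // Hypothetical cap; in practice derive it from the measured gas of one update.
    uint256 public constant MAX_ASSETS = 50;

    mapping(address => mapping(address => uint256)) public accrued; // user => asset => rewards
    mapping(address => uint256) public index;                        // asset => global index

    event RewardsClaimed(address indexed user, uint256 assetCount);

    /// Variant A mirrors the reported pattern: `assets` arrives as calldata and is
    /// copied into memory when handed to the internal function. Only msg.sender
    /// pays for that copy, and an OOG revert affects only this call.
    function claimAllRewards(address[] calldata assets) external {
        require(assets.length <= MAX_ASSETS, "too many assets");
        _batchUpdate(msg.sender, assets); // implicit calldata -> memory copy
        emit RewardsClaimed(msg.sender, assets.length);
    }

    /// Variant B: the internal function takes `calldata`, so no copy is made and
    /// no memory expansion cost is paid; the cap remains as a guardrail.
    function claimAllRewardsNoCopy(address[] calldata assets) external {
        require(assets.length <= MAX_ASSETS, "too many assets");
        _batchUpdateCalldata(msg.sender, assets);
        emit RewardsClaimed(msg.sender, assets.length);
    }

    function _batchUpdate(address user, address[] memory assets) internal {
        for (uint256 i = 0; i < assets.length; ++i) {
            _updateOne(user, assets[i]);
        }
    }

    function _batchUpdateCalldata(address user, address[] calldata assets) internal {
        for (uint256 i = 0; i < assets.length; ++i) {
            _updateOne(user, assets[i]);
        }
    }

    // Placeholder accounting so the loop does real storage work per asset.
    function _updateOne(address user, address asset) private {
        index[asset] += 1;
        accrued[user][asset] += index[asset];
    }
}
```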