If the loop of the array in the check exceeds the gas limit when determining if the condition is liquidable or not, it is always revert and the liquidation condition cannot be checked.
Vulnerability Detail
IronBank's isLiquidatable function loops through the allEnteredMarkets[user] array. However, this array is added elements in the _enterMarket function with no upper limit.
Therefore, if the gas limit of the block is exceeded, the function cannot be invoked and the condition of liquidatable or not cannot be determined.
Impact
If the value of the collateral is lower than the value of the debt, it cannot be liquidated and a bad debt is created.
innertia
high
Disable Liquidate function
Summary
If the loop of the array in the check exceeds the gas limit when determining if the condition is liquidable or not, it is always revert and the liquidation condition cannot be checked.
Vulnerability Detail
IronBank's
isLiquidatablefunction loops through theallEnteredMarkets[user]array. However, this array is added elements in the_enterMarketfunction with no upper limit. Therefore, if the gas limit of the block is exceeded, the function cannot be invoked and the condition of liquidatable or not cannot be determined.Impact
If the value of the collateral is lower than the value of the debt, it cannot be liquidated and a bad debt is created.
Code Snippet
https://github.com/sherlock-audit/2023-05-ironbank/blob/9ebf1702b2163b55479624794ab7999392367d2a/ib-v2/src/protocol/pool/IronBank.sol#L1069-L1070 https://github.com/sherlock-audit/2023-05-ironbank/blob/9ebf1702b2163b55479624794ab7999392367d2a/ib-v2/src/protocol/pool/IronBank.sol#L943-L944
Tool used
Manual Review
Recommendation
Limit the number of markets a user can enter, etc.