nevillehuang
commented
8 months ago Low severity, I don't think this will every meet an OOG condition or at least none of this issues prove it is possible.
Closed sherlock-admin2 closed 9 months ago
nevillehuang
commented
8 months ago Low severity, I don't think this will every meet an OOG condition or at least none of this issues prove it is possible.
rvierdiiev
medium
SafeGuard.checkTransaction may revert with out of gas
Summary
SafeGuard.checkTransaction may revert with out of gas as it loops through all nonces.
Vulnerability Detail
SafeGuard.checkTransactionfunction is develop to check gnosis txs upon execution and do not allow some of them. Owner of guard has ability to veto tx. Then he provides tx hash and nonce. This nonce is then stored into nonces array.When
checkTransactionis called, then function will loop through all nonces and callIReality(_msgSender()).getTransactionHashto construct tx hash and check if it is vetoed.During the work of contract it's likely that
noncesarray will be growing till the time, whencheckTransactionwill revert with out of gas error.Impact
SafeGuard.checkTransaction will always revert. New guard will be needed.
Code Snippet
Provided above
Tool used
Manual Review
Recommendation
I guess that after some time if proposal was not executed, then it should not be able to execute it. So after some delay of time you cacn clear nonces as well.
But i am not sure about that, as i don't know exactly how it will be used,