kgothatso - `TelcoinDistributor :: ` out of gas can lead to DOS

[sherlock-admin]

kgothatso

high

TelcoinDistributor :: out of gas can lead to DOS

Summary

gas can be more than the block limit for the transaction for destinations array plus amounts array

Vulnerability Detail

if the length of both arrays is to big the function will revert and not execute

Impact

transactions will not be processed

Code Snippet

https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/protocol/core/TelcoinDistributor.sol#L194

https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/protocol/core/TelcoinDistributor.sol#L195

Tool used

Manual Review

Recommendation

The must be a maximum length for both array to execute the transaction. both array must not be more than the max number of destinations array plus amounts array

Duplicate of #2

[sherlock-admin2]

1 comment(s) were left on this issue during the judging contest.

takarez commented:

valid because { array length controled by council members; valid as it can get too larger}