Closed sherlock-admin closed 8 months ago
kgothatso
high
TelcoinDistributor ::
gas can be more than the block limit for the transaction for destinations array plus amounts array
destinations
amounts
if the length of both arrays is to big the function will revert and not execute
transactions will not be processed
https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/protocol/core/TelcoinDistributor.sol#L194
https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/protocol/core/TelcoinDistributor.sol#L195
Manual Review
The must be a maximum length for both array to execute the transaction. both array must not be more than the max number of destinations array plus amounts array
Duplicate of #2
1 comment(s) were left on this issue during the judging contest.
takarez commented:
valid because { array length controled by council members; valid as it can get too larger}
kgothatso
high
TelcoinDistributor ::
out of gas can lead to DOSSummary
gas can be more than the block limit for the transaction for
destinations
array plusamounts
arrayVulnerability Detail
if the length of both arrays is to big the function will revert and not execute
Impact
transactions will not be processed
Code Snippet
https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/protocol/core/TelcoinDistributor.sol#L194
https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/protocol/core/TelcoinDistributor.sol#L195
Tool used
Manual Review
Recommendation
The must be a maximum length for both array to execute the transaction. both array must not be more than the max number of
destinations
array plusamounts
arrayDuplicate of #2