Open sherlock-admin4 opened 4 months ago
Escalate
issue #110 doesn't talk about gas bomb through return data, and shouldn't be a duplicate of this issue. If there's an issue that could be seen as similar, it would be #73, as in that one the attacker steal the reward that was attributed to the original claimer
Escalate
issue #110 doesn't talk about gas bomb through return data, and shouldn't be a duplicate of this issue. If there's an issue that could be seen as similar, it would be #73, as in that one the attacker steal the reward that was attributed to the original claimer
You've created a valid escalation!
To remove the escalation from consideration: Delete your comment.
You may delete or edit your escalation comment anytime before the 48-hour escalation window closes. After that, the escalation becomes final.
Escalation should be rejected, watson didn't pay attention to the correct duplication. #110 is already duplicated to #73
Agree with the Lead Judge, planning to reject the escalation and leave the issue as it is.
Result: Medium Has duplicates
The protocol team fixed this issue in the following PRs/commits: https://github.com/GenerationSoftware/pt-v5-vault/pull/115
Fixed Now ExcessivelySafeCall is used restricting the return/revert data copying to 128 bytes
The Lead Senior Watson signed off on the fix.
jo13
medium
Gas Manipulation by Malicious Winners in claimPrizes Function
Summary
A malicious winner can exploit the
claimPrizes
function in theClaimer
contract by reverting the transaction through returning a huge data chunk. This manipulation can cause the transaction to run out of gas, preventing legitimate claims and allowing the malicious user to claim prizes without computing winners.Vulnerability Detail
Claimer
contract allows users to claim prizes on behalf of others by calling theclaimPrizes
function.Impact
Recommendation