Darinrikusham - There is no restriction on the number of invitees in the param in bulkInviteAddresses function in EthosProfile contract which could lead to out of bound gas issue. #302
There is no restriction on the number of invitees in the param in bulkInviteAddresses function in EthosProfile contract which could lead to out of bound gas issue.
Summary
No check on number of invitees allowed in bulkInviteAddresses function in EthosProfile contract could lead to out of bound gas issue when users tries to input more invitees together.
Root Cause
No restriction on amount of invitees that can be added in bulkInviteAddresses function could lead to out of bound gas issue when users try to add more values of invitees together in single transaction.
Internal pre-conditions
No response
External pre-conditions
No response
Attack Path
No response
Impact
No response
PoC
No response
Mitigation
Check and restriction on number of invitees in bulkInviteAddresses function on single transaction.
Darinrikusham
Medium
There is no restriction on the number of invitees in the param in bulkInviteAddresses function in EthosProfile contract which could lead to out of bound gas issue.
Summary
No check on number of invitees allowed in bulkInviteAddresses function in EthosProfile contract could lead to out of bound gas issue when users tries to input more invitees together.
Root Cause
No restriction on amount of invitees that can be added in bulkInviteAddresses function could lead to out of bound gas issue when users try to add more values of invitees together in single transaction.
Internal pre-conditions
No response
External pre-conditions
No response
Attack Path
No response
Impact
No response
PoC
No response
Mitigation