Platform: Code4rena
Start Date: 28/09/2023
Pot Size: $36,500 USDC
Total HM: 5
Participants: 115
Period: 6 days
Judge: 0xDjango
Total Solo HM: 1
Id: 290
League: ETH
Rank: 58/115
Findings: 1
Award: $32.27
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: 0xDetermination
Also found by: 0xblackskull, 0xweb3boy, ADM, Breeje, Pessimistic, PwnStars, SBSecurity, Satyam_Sharma, ThreeSigma, al88nsk, blutorque, debo, dethera, maanas, neumo, oakcobalt, pina, said, sces60107, tapir, tsvetanovv, xAriextz
32.2731 USDC - $32.27
Prime.sol#updateScores can be stuck in an infinite loop due to the increment occurring after the continue statement.
If updateScores is called with a users array where any of the users return true for isScoreUpdated[nextScoreUpdateRoundId][user] then the next iteration will be triggered without incrementing i. As this will just fetch the same user again the loop will continue until all gas has been consumed and cause the function to revert.
Manual Review
Move the increment to line 206, so it is after setting the user variable but before running the check that can trigger the continue statement.
address user = users[i]; unchecked { i++; } if (!tokens[user].exists) revert UserHasNoPrimeToken(); if (isScoreUpdated[nextScoreUpdateRoundId][user]) continue;
Loop
#0 - c4-pre-sort
2023-10-05T20:40:31Z
0xRobocop marked the issue as duplicate of #556
#1 - c4-judge
2023-11-01T19:41:54Z
fatherGoose1 marked the issue as satisfactory