Platform: Code4rena
Start Date: 21/06/2022
Pot Size: $50,000 USDC
Total HM: 31
Participants: 99
Period: 5 days
Judges: moose-code, JasoonS, denhampreen
Total Solo HM: 17
Id: 139
League: ETH
Rank: 10/99
Findings: 1
Award: $1,817.55
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: 0x1f8b
Also found by: BowTiedWardens, Lambda, StErMi, berndartmueller, csanuragjain, neumo, rfa
https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/BatchRequests.sol#L93
The contracts length will always increase because the removeAddress() function just deletes the value inside the array and never decreases the length by calling the pop() method. This can lead to DoS when calling functions that loop over the contracts storage:
https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/BatchRequests.sol#L16
https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/BatchRequests.sol#L36
https://github.com/code-423n4/2022-06-yieldy/blob/main/src/contracts/BatchRequests.sol#L91
Implement the pop() method for the dynamic array so we can avoid unnecessary storage reads of zero values in the future.
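The removal pattern the finding describes, next to a swap-and-pop removal of the kind its recommendation points at, as an added Solidity example (not the Yieldy project's code). The contract name, removeAddressDeleteOnly, activeCount and the inline owner check are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.9;

// Added illustration. Only `contracts`, addAddress and removeAddress are
// names taken from the page; everything else here is hypothetical.
contract AddressListSketch {
    address public owner;
    address[] public contracts;

    constructor() {
        owner = msg.sender;
    }

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    function addAddress(address a) external onlyOwner {
        contracts.push(a);
    }

    // Delete-only pattern: the slot becomes address(0) but contracts.length
    // is unchanged, so every later loop still reads the dead slot.
    function removeAddressDeleteOnly(address a) external onlyOwner {
        for (uint256 i; i < contracts.length; ++i) {
            if (contracts[i] == a) delete contracts[i];
        }
    }

    // Swap-and-pop: overwrite the match with the last element, then shrink.
    // Assumes order does not matter and each address is stored once.
    function removeAddress(address a) external onlyOwner {
        uint256 n = contracts.length;
        for (uint256 i; i < n; ++i) {
            if (contracts[i] == a) {
                contracts[i] = contracts[n - 1];
                contracts.pop();
                return;
            }
        }
    }

    // Consumer loop with the zero-address guard mentioned in the discussion.
    function activeCount() external view returns (uint256 live) {
        for (uint256 i; i < contracts.length; ++i) {
            if (contracts[i] != address(0)) ++live;
        }
    }
}
```

After removeAddressDeleteOnly, contracts.length stays the same while activeCount() drops by one; after removeAddress, both drop together.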
#0 - Picodes
2022-06-27T16:08:59Z
As addAddress is only owner, this is a low issue at best as the array length cannot be arbitrarily increased
#1 - toshiSat
2022-06-27T17:48:11Z
disagree with severity: low severity due to onlyOwner function.
#2 - 0x1f8b
2022-07-03T19:55:15Z
@toshiSat @Picodes
It's an onlyOwner method but the logic is wrong, so you don't need to attack anything or have a bad actor here; if the owner tries to remove an address, the service will be denied. That cannot be low...
#3 - Picodes
2022-08-01T16:41:18Z
@0x1f8b indeed, but it seems in the important function of the contract it won't revert due to the test contracts[i] != address(0)
#4 - 0x1f8b
2022-08-05T05:46:59Z
@0x1f8b indeed, but it seems in the important function of the contract it won't revert due to the test contracts[i] != address(0)