3 matches found
MultiRewardStaking.addRewardToken can eventually break the contract
Lines of code Vulnerability details When adding a reward token, the token address is added to rewardTokens. 263: rewardTokens.pushrewardToken; If rewardTokens is large enough, accrueRewards will revert with an out-of-gas error, as it loops through rewardsToken 373: for uint8 i; i 0...
GHSA-4456-W38R-M53X Besu VM vulnerable to gas allocation error in CALL operations
Impact An error in 32 bit signed and unsigned types in the calculation of available gas in the CALL operations including DELEGATECALL results in incorrect gas being passed into called contracts and incorrect gas being returned after call execution. Where the amount of gas makes a difference in th...
lastUpdatedDay not initialized
Email address [email protected] Handle gpersoon Eth address gpersoon.eth Vulnerability details The variable lastUpdatedDay in IncentiveDistribution.sol is not properly initialized. This means the function updateDayTotals will end up in a very large loop which will lead to an out of gas error. Eve...