Skip to content

Instantly share code, notes, and snippets.

@ParsaAminpour
Created February 26, 2024 17:55
Show Gist options
  • Save ParsaAminpour/36824b1bebd06cdea7647a9ca9253e1d to your computer and use it in GitHub Desktop.
Save ParsaAminpour/36824b1bebd06cdea7647a9ca9253e1d to your computer and use it in GitHub Desktop.

Author: Parsa Amini

Findings

[L-1] Multi-calling the length of list in the loop at the pipeline::Pipeline.sol smart contract.

Vulnerability Details

Using multi-continuous calling during a loop takes cost, especially if the function is external. Therefore, the length of the list could be arbitrary, cause increasing the number of calls.

Impact

As the input list length increases, the gas consumption will also increase.

Recommendations

create a memory uint256 to assign the length of list to that variable.

in pipeline::Pipeline.sol::multiPipe:

function multiPipe(PipeCall[] calldata pipes)
    external
    payable
    override
    returns (bytes[] memory results)
    {
-   results = new bytes[](pipes.length);
-   for (uint256 i = 0; i < pipes.length; i++) {
-           results[i] = _pipe(pipes[i].target, pipes[i].data, 0);
-   }
+   uint256 pipes_len = pipes.length;
+   results = new bytes[](pipes_len);
+   for (uint256 i = 0; i < pipes_len; i++) {
+           results[i] = _pipe(pipes[i].target, pipes[i].data, 0);
+   }
}

in pipeline::Pipeline.sol::advancedPipe:

function advancedPipe(AdvancedPipeCall[] calldata pipes)
    external
    payable
    override
    returns (bytes[] memory results) {
-   results = new bytes[](pipes.length);
-   for (uint256 i = 0; i < pipes.length; ++i) {
-       results[i] = _advancedPipe(pipes[i], results);
-   }
+   uint256 pipes_len = pipes.length;
+   results = new bytes[](pipes_len);
+   for (uint256 i = 0; i < pipes_len; ++i) {
+       results[i] = _advancedPipe(pipes[i], results);
+   }
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment