smartbugs-curated/dataset/denial_of_service/send_loop.sol

/*
 * @source: https://consensys.github.io/smart-contract-best-practices/known_attacks/#dos-with-unexpected-revert
 * @author: ConsenSys Diligence
* @vulnerable_at_lines: 24
 * Modified by Bernhard Mueller
 */

pragma solidity 0.4.24;

contract Refunder {
    
address[] private refundAddresses;
mapping (address => uint) public refunds;

    constructor() {
        refundAddresses.push(0x79B483371E87d664cd39491b5F06250165e4b184);
        refundAddresses.push(0x79B483371E87d664cd39491b5F06250165e4b185);
    }

    // bad
    function refundAll() public {
        for(uint x; x < refundAddresses.length; x++) { // arbitrary length iteration based on how many addresses participated
        // <yes> <report> DENIAL_OF_SERVICE
            require(refundAddresses[x].send(refunds[refundAddresses[x]])); // doubly bad, now a single failure on send will hold up all funds
        }
    }

}
Add SB Curated (copied from the smartbugs repository). 2022-11-23 10:07:09 +01:00			`/*`
			`* @source: https://consensys.github.io/smart-contract-best-practices/known_attacks/#dos-with-unexpected-revert`
			`* @author: ConsenSys Diligence`
			`* @vulnerable_at_lines: 24`
			`* Modified by Bernhard Mueller`
			`*/`

			`pragma solidity 0.4.24;`

			`contract Refunder {`

			`address[] private refundAddresses;`
			`mapping (address => uint) public refunds;`

			`constructor() {`
			`refundAddresses.push(0x79B483371E87d664cd39491b5F06250165e4b184);`
			`refundAddresses.push(0x79B483371E87d664cd39491b5F06250165e4b185);`
			`}`

			`// bad`
			`function refundAll() public {`
			`for(uint x; x < refundAddresses.length; x++) { // arbitrary length iteration based on how many addresses participated`
			`// <yes> <report> DENIAL_OF_SERVICE`
			`require(refundAddresses[x].send(refunds[refundAddresses[x]])); // doubly bad, now a single failure on send will hold up all funds`
			`}`
			`}`

			`}`