Unbounded Loop
What it detects
Loops without explicit bounds can grow with user input or contract state, consuming all available gas and causing transactions to fail. The detector searches for `for` or `while` statements lacking clear termination conditions.
Typical symptoms
- Loop uses array length that user can expand
- No maximum iteration count enforced
Solidity snippet (v0.8.25)
pragma solidity ^0.8.25;

contract Endless {
    uint256[] public list;

    function sum() external view returns (uint256 s) {
        for (uint256 i = 0; i < list.length; i++) {
            // list length may be unbounded
            s += list[i];
        }
    }
}
Why it matters on EVM
Unbounded loops can halt contract functions and enable denial-of-service attacks if they run out of gas.
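
A bounded counterpart to the `Endless` snippet, as an added example that is not part of the original page or the detector's own code. The names `Bounded`, `MAX_BATCH`, `add`, `length` and `sumRange` are assumptions chosen for illustration; the caller pages through the array in fixed-size batches, so the gas cost per call no longer grows with `list.length`.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.25;

// Added example: contract and function names are illustrative assumptions.
contract Bounded {
    // Hard cap on iterations per call, so gas per call has a known upper bound.
    uint256 public constant MAX_BATCH = 100;

    uint256[] public list;

    // Any caller can grow the array, so no loop may depend on its full length.
    function add(uint256 value) external {
        list.push(value);
    }

    function length() external view returns (uint256) {
        return list.length;
    }

    // Sums at most MAX_BATCH elements starting at `start`.
    // Returns the partial sum and the index to resume from
    // (next == list.length once the whole array has been covered).
    function sumRange(uint256 start, uint256 count)
        external
        view
        returns (uint256 s, uint256 next)
    {
        require(count <= MAX_BATCH, "batch too large");

        uint256 len = list.length; // read the storage length once
        if (start >= len) {
            return (0, len);
        }

        uint256 end = start + count;
        if (end > len) {
            end = len;
        }

        // Iteration count is end - start <= MAX_BATCH, independent of len.
        for (uint256 i = start; i < end; i++) {
            s += list[i];
        }
        next = end;
    }
}
```

A caller accumulates the total by calling `sumRange(next, MAX_BATCH)` repeatedly until `next` equals `length()`.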