File: bridge.cairo
The white list management logic uses a linked list structure to handle collections. This logic might result in potential issues if the list is not carefully managed, especially when removing or adding elements. If the linked list is corrupted (e.g., due to a missing or incorrect update), it could lead to incorrect handling of white-listed collections, potentially allowing unauthorized collections to pass or blocking authorized ones.
Assume that during the removal of an element from the white list, the contract fails to correctly update the head or tail of the list, resulting in a corrupted state. This could lead to an incorrect state where either unauthorized collections remain whitelisted or all collections become inaccessible.
Manual Review
Ensure that edge cases (e.g., empty list, single-element list) are explicitly handled in the linked list logic to avoid unexpected behavior
ln 517
Please, do not suppose impacts, think about the real impact of the bug and check the CodeHawks documentation to confirm: https://docs.codehawks.com/hawks-auditors/how-to-determine-a-finding-validity A PoC always helps to understand the real impact possible.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.