NFTBridge
60,000 USDC
Submission Details
Severity: medium
Invalid

`get_white_listed_collections` function breaks the loop when it encounters a disabled collection

Vulnerability Details

```cairo
if !enabled {
    break;
} else {
    white_listed.append(current);
    current = next;
}
```

In the `get_white_listed_collections` function in `bridge.cairo`, there is a logic bug related to how the function handles disabled collections in the whitelist. The function is designed to return a list of whitelisted collections, but it prematurely breaks the loop when it encounters a disabled collection.

If a disabled collection is encountered in the middle of the list, the function will stop iterating and miss any subsequent enabled collections. This could lead to an incomplete list of whitelisted collections being returned.

Impact

  1. Inconsistent whitelisting: Some valid, whitelisted collections might be excluded from the returned list.

  2. Denial of service: Users might be unable to bridge tokens from legitimately whitelisted collections.

PoC:

  1. Admin whitelists collections A, B, C, D in that order.

  2. Admin disables collection B (but keeps it in the list).

  3. When get_white_listed_collections is called, it returns only [A], missing C and D.

  4. Users trying to bridge tokens from collections C or D will be denied, even though these collections are actually whitelisted.

Tools Used

Manual review

Recommendations

To fix this, the function should continue iterating even when it encounters a disabled collection, only appending enabled collections to the return list.
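
Added example, not part of the submission or the project's code: a Python model of the traversal in the quoted snippet, comparing the `break` with the recommended skip-and-continue on the PoC's collections A, B, C, D. The storage layout (address mapped to an enabled flag and a next pointer, with a zero sentinel) and both disable behaviours are assumptions; the `break` drops C and D only if a disabled entry stays linked, as step 2 of the PoC assumes.

```python
END = 0  # assumed sentinel: an unset storage slot reads back as (False, 0)

def lookup(store, addr):
    """Read a node; unset slots behave like zeroed storage."""
    return store.get(addr, (False, END))

def list_break(store, head):
    """Traversal as quoted in the submission: stop at the first disabled node."""
    out, current = [], head
    while True:
        enabled, nxt = lookup(store, current)
        if not enabled:
            break
        out.append(current)
        current = nxt
    return out

def list_skip(store, head):
    """Recommended variant: skip disabled nodes, stop only at the sentinel."""
    out, current, seen = [], head, set()
    while current != END and current not in seen:  # seen guards against cycles
        seen.add(current)
        enabled, nxt = lookup(store, current)
        if enabled:
            out.append(current)
        current = nxt
    return out

def disable_in_place(store, addr):
    """Assumed behaviour from the PoC: flag cleared, node stays linked."""
    store[addr] = (False, lookup(store, addr)[1])

def disable_and_unlink(store, head, addr):
    """Alternative assumed behaviour: node leaves the chain. Returns the head."""
    nxt = lookup(store, addr)[1]
    if head == addr:
        store.pop(addr, None)
        return nxt
    prev = head
    while prev != END and lookup(store, prev)[1] != addr:
        prev = lookup(store, prev)[1]
    if prev != END:
        store[prev] = (lookup(store, prev)[0], nxt)
        store.pop(addr, None)
    return head

def build(addrs):
    """Constructed sample data: a chain of enabled collections."""
    return {a: (True, n) for a, n in zip(addrs, addrs[1:] + [END])}
```

With `disable_in_place` the two traversals disagree; with `disable_and_unlink` the `break` only ever fires at the end of the chain, so checking how the contract disables a collection decides whether the reported behaviour can occur.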

Updates

Lead Judging Commences

n0kto Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
