There is a potential issue with the way the `viewWhitelistedCurrencies` function handles the `cursor` parameter. The function does not validate the `cursor` value, which could lead to it returning invalid data or providing incorrect information to the client.

The `viewWhitelistedCurrencies` function takes two parameters: `cursor` and `size`. The function's documentation states that the `cursor` "should start at 0 for first request". However, the function does not explicitly check that the `cursor` value is within the valid range of the `_whitelistedCurrencies` array.

If a client provides a `cursor` value larger than the number of whitelisted currencies, the function still attempts to return an array of currencies, but with an invalid length. This could lead to unexpected behavior or errors on the client side.

The lack of proper validation for the `cursor` parameter could result in the following issues:

- Incorrect data returned: if the `cursor` value is beyond the end of the `_whitelistedCurrencies` array, the function will still try to return an array of currencies, but the length of that array will be negative or zero. The client may receive invalid data or an empty array where it expected a non-empty response.
- Potential exceptions or errors: attempting to access currencies beyond the end of the array could cause exceptions or errors in the function's implementation, leading to unexpected behavior or failures in the overall system.
Manual review
1. Implement explicit cursor validation: add a check at the beginning of the `viewWhitelistedCurrencies` function to ensure that the `cursor` value is within the valid range of the `_whitelistedCurrencies` array. This can be done by comparing the `cursor` to the total length of the array.
2. Handle out-of-bounds cursor values: if the `cursor` value is beyond the end of the array, return an empty array and a `cursor` value that indicates there are no more items to fetch. This gives the client a clear signal that the requested data is not available.
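As an added illustration (not the audited project's code), the two patterns side by side in Solidity: cursor arithmetic that is never bounds-checked, and the validated version the recommendation describes. The storage layout (a plain `address[]`), the `addCurrency` helper, the function names and bodies are all assumptions made for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

/// Illustrative contract written for this finding; not the project's code.
/// The storage type (address[]) and both function bodies are assumptions.
contract CurrencyWhitelistExample {
    address[] private _whitelistedCurrencies;

    /// Test helper (assumed): no access control, purely for populating the list.
    function addCurrency(address currency) external {
        _whitelistedCurrencies.push(currency);
    }

    /// Pattern the finding describes: `cursor` is never compared to the array
    /// length. When cursor > length, `length - cursor` underflows; on 0.8.x the
    /// call reverts with a panic, on older compilers it wraps to a huge length
    /// and the subsequent reads run off the end of the array.
    function viewWhitelistedCurrenciesUnchecked(uint256 cursor, uint256 size)
        external
        view
        returns (address[] memory, uint256)
    {
        uint256 length = size;
        if (length > _whitelistedCurrencies.length - cursor) {
            length = _whitelistedCurrencies.length - cursor;
        }
        address[] memory out = new address[](length);
        for (uint256 i = 0; i < length; i++) {
            out[i] = _whitelistedCurrencies[cursor + i];
        }
        return (out, cursor + length);
    }

    /// Hardened version following the recommendation: validate the cursor first,
    /// and for an out-of-range cursor return an empty page together with a
    /// terminal cursor (the array length) so the client knows there is nothing
    /// more to fetch.
    function viewWhitelistedCurrencies(uint256 cursor, uint256 size)
        external
        view
        returns (address[] memory currencies, uint256 nextCursor)
    {
        uint256 total = _whitelistedCurrencies.length;
        if (cursor >= total) {
            // Cursor at or past the end: nothing left to page through.
            return (new address[](0), total);
        }
        uint256 remaining = total - cursor;              // cannot underflow: cursor < total
        uint256 length = size < remaining ? size : remaining;
        currencies = new address[](length);
        for (uint256 i = 0; i < length; i++) {
            currencies[i] = _whitelistedCurrencies[cursor + i];
        }
        nextCursor = cursor + length;                    // equals total on the last page
    }
}
```

A client paging through the hardened version starts at `cursor = 0`, passes the returned `nextCursor` back on each call, and stops when `nextCursor` equals the array length (equivalently, when an empty page comes back); any stale or oversized cursor yields that same empty, terminal result rather than a revert or garbage data.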