Fix crash if vote state is malformed (#715)

* Fix crash if vote state is malformed * Fix vote program crash if clock rewinds Return an instruction error instead of panicking if the vote program detects the vote program's vote authority history is newer than the current clock. --------- Co-authored-by: Richard Patel <ripatel@jumptrading.com>
2024-04-10 23:12:56 +02:00 · 2024-04-10 23:12:56 +02:00 · 4b6d274887
parent e91a5e2744
commit 4b6d274887
1 changed files with 12 additions and 2 deletions
--- a/sdk/program/src/vote/state/mod.rs
+++ b/sdk/program/src/vote/state/mod.rs
@ -345,7 +345,7 @@ impl<I> CircBuf<I> {

    pub fn last(&self) -> Option<&I> {
        if !self.is_empty {
-            Some(&self.buf[self.idx])
+            self.buf.get(self.idx)
        } else {
            None
        }
@ -787,7 +787,9 @@ impl VoteState {
            // 2) not be equal to latest epoch otherwise this
            //    function would have returned TooSoonToReauthorize error
            //    above
-            assert!(target_epoch > *latest_epoch);
+            if target_epoch <= *latest_epoch {
+                return Err(InstructionError::InvalidAccountData);
+            }

            // Commit the new state
            self.prior_voters.append((
@ -1620,4 +1622,12 @@ mod tests {
        let bytes = bincode::serialize(&vote).unwrap();
        assert_eq!(vote, bincode::deserialize(&bytes).unwrap());
    }
+
+    #[test]
+    fn test_circbuf_oob() {
+        // Craft an invalid CircBuf with out-of-bounds index
+        let data: &[u8] = &[0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0x00];
+        let circ_buf: CircBuf<()> = bincode::deserialize(data).unwrap();
+        assert_eq!(circ_buf.last(), None);
+    }
 }