blockworks-foundation
/
solana-with-rpc-optimizations
mirror of https://github.com/blockworks-foundation/solana-with-rpc-optimizations.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix test 

The test was meant to ensure the signature covered the 'tokens'
field, but then when the 'plan' field was rolled in, Transaction::verify()
started failing because Plan::verify() failed. When Transaction::verify()
was split into two, the unexpected failure was exposed but went unnoticed.
This patch brings it back to its original intent, to ensure signature
verification fails if the network attempts to change the client's payment.
This commit is contained in:
Greg Fitzgerald 2018-04-11 22:11:01 -06:00
parent 705228ecc2
commit 51633f509d
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/transaction.rs
View File

@ -167,13 +167,17 @@ mod tests {
}
#[test]
fn test_bad_event_signature() {
fn test_token_attack() {
let zero = Hash::default();
let keypair = KeyPair::new();
let pubkey = keypair.pubkey();
let mut tr = Transaction::new(&keypair, pubkey, 42, zero);
tr.data.tokens = 1_000_000; // <-- attack!
assert!(!tr.verify_plan());
tr.data.tokens = 1_000_000; // <-- attack, part 1!
if let Plan::Pay(ref mut payment) = tr.data.plan {
payment.tokens = tr.data.tokens; // <-- attack, part 2!
};
assert!(tr.verify_plan());
assert!(!tr.verify_sig());
}
#[test]