blockworks-foundation
/
solana
mirror of https://github.com/blockworks-foundation/solana.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Santize instruction index when loading instruction from sysvar (#15942)

This commit is contained in:
Justin Starry 2021-03-19 09:32:41 +08:00 committed by GitHub
parent f4db9e4275
commit 4c5660ba7a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 23 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
sdk/program/src/message.rs
View File

@ -405,7 +405,10 @@ impl Message {
data: &[u8], data: &[u8],
) -> Result<Instruction, SanitizeError> { ) -> Result<Instruction, SanitizeError> {
let mut current = 0; let mut current = 0;
let _num_instructions = read_u16(&mut current, &data)?; let num_instructions = read_u16(&mut current, &data)?;
if index >= num_instructions as usize {
return Err(SanitizeError::IndexOutOfBounds);
}
// index into the instruction byte-offset table. // index into the instruction byte-offset table.
current += index * 2; current += index * 2;
@ -863,6 +866,25 @@ mod tests {
} }
} }
#[test]
fn test_decompile_instructions_out_of_bounds() {
solana_logger::setup();
let program_id0 = Pubkey::new_unique();
let id0 = Pubkey::new_unique();
let id1 = Pubkey::new_unique();
let instructions = vec![
Instruction::new_with_bincode(program_id0, &0, vec![AccountMeta::new(id0, false)]),
Instruction::new_with_bincode(program_id0, &0, vec![AccountMeta::new(id1, true)]),
];
let message = Message::new(&instructions, Some(&id1));
let serialized = message.serialize_instructions();
assert_eq!(
Message::deserialize_instruction(instructions.len(), &serialized).unwrap_err(),
SanitizeError::IndexOutOfBounds,
);
}
#[test] #[test]
fn test_program_ids() { fn test_program_ids() {
let key0 = Pubkey::new_unique(); let key0 = Pubkey::new_unique();