From 25fe93e9fb1c822796362a0d5012377b8ea06228 Mon Sep 17 00:00:00 2001 From: Jack May Date: Mon, 11 Jan 2021 14:36:52 -0800 Subject: [PATCH] Check native account owner (#14535) (cherry picked from commit 8ad5931bfcf809aa10fc2b8014abc87bcbe73464) --- runtime/src/message_processor.rs | 2 +- runtime/src/native_loader.rs | 12 +++++++++++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/runtime/src/message_processor.rs b/runtime/src/message_processor.rs index 71d3669954..fa64e23a12 100644 --- a/runtime/src/message_processor.rs +++ b/runtime/src/message_processor.rs @@ -487,7 +487,7 @@ impl MessageProcessor { } // Call the program via the native loader return self.native_loader.process_instruction( - program_id, + &native_loader::id(), keyed_accounts, instruction_data, invoke_context, diff --git a/runtime/src/native_loader.rs b/runtime/src/native_loader.rs index 20ca59191e..983e545e24 100644 --- a/runtime/src/native_loader.rs +++ b/runtime/src/native_loader.rs @@ -10,6 +10,7 @@ use solana_sdk::{ entrypoint_native::ProgramEntrypoint, instruction::InstructionError, keyed_account::{next_keyed_account, KeyedAccount}, + native_loader, process_instruction::{InvokeContext, LoaderEntrypoint}, pubkey::Pubkey, }; @@ -126,13 +127,22 @@ impl NativeLoader { pub fn process_instruction( &self, - _program_id: &Pubkey, + program_id: &Pubkey, keyed_accounts: &[KeyedAccount], instruction_data: &[u8], invoke_context: &dyn InvokeContext, ) -> Result<(), InstructionError> { let mut keyed_accounts_iter = keyed_accounts.iter(); let program = next_keyed_account(&mut keyed_accounts_iter)?; + if native_loader::id() != *program_id { + error!("Program id mismatch"); + return Err(InstructionError::IncorrectProgramId); + } + if program.owner()? != *program_id { + error!("Executable account now owned by loader"); + return Err(InstructionError::IncorrectProgramId); + } + let params = keyed_accounts_iter.as_slice(); let name_vec = &program.try_account_ref()?.data; let name = match str::from_utf8(name_vec) {