diff --git a/runtime/src/system_instruction_processor.rs b/runtime/src/system_instruction_processor.rs index b432590bc7..4f2ab82969 100644 --- a/runtime/src/system_instruction_processor.rs +++ b/runtime/src/system_instruction_processor.rs @@ -37,12 +37,6 @@ fn create_system_account( return Err(SystemError::AccountAlreadyInUse.into()); } - // guard against sysvars being made - if sysvar::check_id(&program_id) { - debug!("CreateAccount: program id {} invalid", program_id); - return Err(SystemError::InvalidProgramId.into()); - } - if sysvar::is_sysvar_id(&to.unsigned_key()) { debug!("CreateAccount: account id {} invalid", program_id); return Err(SystemError::InvalidAccountId.into()); @@ -55,9 +49,10 @@ fn create_system_account( ); return Err(SystemError::ResultWithNegativeLamports.into()); } + + assign_account_to_program(to, program_id)?; from.account.lamports -= lamports; to.account.lamports += lamports; - to.account.owner = *program_id; to.account.data = vec![0; space as usize]; to.account.executable = false; Ok(()) @@ -72,6 +67,12 @@ fn assign_account_to_program( return Err(InstructionError::MissingRequiredSignature); } + // guard against sysvars being assigned + if sysvar::check_id(&program_id) { + debug!("Assign: program id {} invalid", program_id); + return Err(SystemError::InvalidProgramId.into()); + } + account.account.owner = *program_id; Ok(()) } @@ -409,6 +410,22 @@ mod tests { ); } + #[test] + fn test_assign_account_to_sysvar() { + let new_program_owner = sysvar::id(); + + let from = Pubkey::new_rand(); + let mut from_account = Account::new(100, 0, &system_program::id()); + + assert_eq!( + assign_account_to_program( + &mut KeyedAccount::new(&from, true, &mut from_account), + &new_program_owner, + ), + Err(SystemError::InvalidProgramId.into()) + ); + } + #[test] fn test_process_bogus_instruction() { // Attempt to assign with no accounts