Input values are not sanitized after they are deserialized, making it far too easy for Leo to earn SOL (bp #9706) (#9736)

automerge

runtime/src/bank.rs

@@ -44,6 +44,7 @@ use solana_sdk::{
     inflation::Inflation,
     native_loader, nonce,
     pubkey::Pubkey,
+    sanitize::Sanitize,
     signature::{Keypair, Signature},
     slot_hashes::SlotHashes,
     slot_history::SlotHistory,
@@ -1076,7 +1077,7 @@ impl Bank {
         OrderedIterator::new(txs, iteration_order)
             .zip(lock_results)
             .map(|(tx, lock_res)| {
-                if lock_res.is_ok() && !tx.verify_refs() {
+                if lock_res.is_ok() && tx.sanitize().is_err() {
                     error_counters.invalid_account_index += 1;
                     Err(TransactionError::InvalidAccountIndex)
                 } else {

runtime/src/bloom.rs

@@ -19,6 +19,8 @@ pub struct Bloom<T: BloomHashIndex> {
     _phantom: PhantomData<T>,
 }
 
+impl<T: BloomHashIndex> solana_sdk::sanitize::Sanitize for Bloom<T> {}
+
 impl<T: BloomHashIndex> Bloom<T> {
     pub fn new(num_bits: usize, keys: Vec<u64>) -> Self {
         let bits = BitVec::new_fill(false, num_bits as u64);