gaspersic/solana
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Always bail if program modifies a ro account (#17569)

Browse Source
This commit is contained in:
Jack May
2021-05-28 09:50:25 -07:00
committed by GitHub
parent 8924fbf6a0
commit a3240aebde
13 changed files with 248 additions and 151 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
programs/bpf/Cargo.lock generated
View File

@@ -2996,6 +2996,13 @@ dependencies = [
"solana-program 1.8.0",
]
[[package]]
name = "solana-bpf-rust-ro-account_modify"
version = "1.8.0"
dependencies = [
"solana-program 1.8.0",
]
[[package]]
name = "solana-bpf-rust-ro-modify"
version = "1.8.0"

1
programs/bpf/Cargo.toml
View File

@@ -70,6 +70,7 @@ members = [
"rust/param_passing_dep",
"rust/rand",
"rust/ro_modify",
"rust/ro_account_modify",
"rust/sanity",
"rust/sha",
"rust/spoof1",

1
programs/bpf/build.rs
View File

@@ -83,6 +83,7 @@ fn main() {
"param_passing",
"rand",
"ro_modify",
"ro_account_modify",
"sanity",
"sha",
"spoof1",

38
programs/bpf/c/src/invoke/invoke.c
View File

@@ -17,6 +17,7 @@ static const uint8_t TEST_INSTRUCTION_META_TOO_LARGE = 10;
static const uint8_t TEST_RETURN_ERROR = 11;
static const uint8_t TEST_PRIVILEGE_DEESCALATION_ESCALATION_SIGNER = 12;
static const uint8_t TEST_PRIVILEGE_DEESCALATION_ESCALATION_WRITABLE = 13;
static const uint8_t TEST_WRITABLE_DEESCALATION_WRITABLE = 14;
static const int MINT_INDEX = 0;
static const int ARGUMENT_INDEX = 1;
@@ -271,24 +272,6 @@ extern uint64_t entrypoint(const uint8_t *input) {
sol_assert(accounts[ARGUMENT_INDEX].data[i] == 0);
}
}
sol_log("Test writable deescalation");
{
uint8_t buffer[10];
for (int i = 0; i < 10; i++) {
buffer[i] = accounts[INVOKED_ARGUMENT_INDEX].data[i];
}
SolAccountMeta arguments[] = {
{accounts[INVOKED_ARGUMENT_INDEX].key, false, false}};
uint8_t data[] = {WRITE_ACCOUNT, 10};
const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key,
arguments, SOL_ARRAY_SIZE(arguments),
data, SOL_ARRAY_SIZE(data)};
sol_invoke(&instruction, accounts, SOL_ARRAY_SIZE(accounts));
for (int i = 0; i < 10; i++) {
sol_assert(buffer[i] == accounts[INVOKED_ARGUMENT_INDEX].data[i]);
}
}
break;
}
case TEST_PRIVILEGE_ESCALATION_SIGNER: {
@@ -521,6 +504,25 @@ extern uint64_t entrypoint(const uint8_t *input) {
sol_invoke(&instruction, accounts, SOL_ARRAY_SIZE(accounts)));
break;
}
case TEST_WRITABLE_DEESCALATION_WRITABLE: {
sol_log("Test writable deescalation");
uint8_t buffer[10];
for (int i = 0; i < 10; i++) {
buffer[i] = accounts[INVOKED_ARGUMENT_INDEX].data[i];
}
SolAccountMeta arguments[] = {
{accounts[INVOKED_ARGUMENT_INDEX].key, false, false}};
uint8_t data[] = {WRITE_ACCOUNT, 10};
const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key,
arguments, SOL_ARRAY_SIZE(arguments),
data, SOL_ARRAY_SIZE(data)};
sol_invoke(&instruction, accounts, SOL_ARRAY_SIZE(accounts));
for (int i = 0; i < 10; i++) {
sol_assert(buffer[i] == accounts[INVOKED_ARGUMENT_INDEX].data[i]);
}
break;
}
default:
sol_panic();
}

41
programs/bpf/rust/invoke/src/lib.rs
View File

@@ -29,6 +29,7 @@ const TEST_INSTRUCTION_META_TOO_LARGE: u8 = 10;
const TEST_RETURN_ERROR: u8 = 11;
const TEST_PRIVILEGE_DEESCALATION_ESCALATION_SIGNER: u8 = 12;
const TEST_PRIVILEGE_DEESCALATION_ESCALATION_WRITABLE: u8 = 13;
const TEST_WRITABLE_DEESCALATION_WRITABLE: u8 = 14;
// const MINT_INDEX: usize = 0;
const ARGUMENT_INDEX: usize = 1;
@@ -354,27 +355,6 @@ fn process_instruction(
}
}
msg!("Test writable deescalation");
{
const NUM_BYTES: usize = 10;
let mut buffer = [0; NUM_BYTES];
buffer.copy_from_slice(
&accounts[INVOKED_ARGUMENT_INDEX].data.borrow_mut()[..NUM_BYTES],
);
let instruction = create_instruction(
*accounts[INVOKED_PROGRAM_INDEX].key,
&[(accounts[INVOKED_ARGUMENT_INDEX].key, false, false)],
vec![WRITE_ACCOUNT, NUM_BYTES as u8],
);
let _ = invoke(&instruction, accounts);
assert_eq!(
buffer,
accounts[INVOKED_ARGUMENT_INDEX].data.borrow_mut()[..NUM_BYTES]
);
}
msg!("Create account and init data");
{
let from_lamports = accounts[FROM_INDEX].lamports();
@@ -603,6 +583,25 @@ fn process_instruction(
);
invoke(&invoked_instruction, accounts)?;
}
TEST_WRITABLE_DEESCALATION_WRITABLE => {
msg!("Test writable deescalation writable");
const NUM_BYTES: usize = 10;
let mut buffer = [0; NUM_BYTES];
buffer
.copy_from_slice(&accounts[INVOKED_ARGUMENT_INDEX].data.borrow_mut()[..NUM_BYTES]);
let instruction = create_instruction(
*accounts[INVOKED_PROGRAM_INDEX].key,
&[(accounts[INVOKED_ARGUMENT_INDEX].key, false, false)],
vec![WRITE_ACCOUNT, NUM_BYTES as u8],
);
let _ = invoke(&instruction, accounts);
assert_eq!(
buffer,
accounts[INVOKED_ARGUMENT_INDEX].data.borrow_mut()[..NUM_BYTES]
);
}
_ => panic!(),
}

19
programs/bpf/rust/ro_account_modify/Cargo.toml Normal file
View File

@@ -0,0 +1,19 @@
[package]
name = "solana-bpf-rust-ro-account_modify"
version = "1.8.0"
description = "Solana BPF test program written in Rust"
authors = ["Solana Maintainers <maintainers@solana.foundation>"]
repository = "https://github.com/solana-labs/solana"
license = "Apache-2.0"
homepage = "https://solana.com/"
documentation = "https://docs.rs/solana-bpf-rust-ro-modify"
edition = "2018"
[dependencies]
solana-program = { path = "../../../../sdk/program", version = "=1.8.0" }
[lib]
crate-type = ["cdylib"]
[package.metadata.docs.rs]
targets = ["x86_64-unknown-linux-gnu"]

70
programs/bpf/rust/ro_account_modify/src/lib.rs Normal file
View File

@@ -0,0 +1,70 @@
use solana_program::{
account_info::AccountInfo,
entrypoint,
entrypoint::ProgramResult,
instruction::{AccountMeta, Instruction},
msg,
program::invoke,
pubkey::Pubkey,
};
const ARGUMENT_INDEX: usize = 0;
const INSTRUCTION_MODIFY: u8 = 0;
const INSTRUCTION_INVOKE_MODIFY: u8 = 1;
const INSTRUCTION_MODIFY_INVOKE: u8 = 2;
const INSTRUCTION_VERIFY_MODIFIED: u8 = 3;
entrypoint!(process_instruction);
fn process_instruction(
program_id: &Pubkey,
accounts: &[AccountInfo],
instruction_data: &[u8],
) -> ProgramResult {
assert!(!accounts[ARGUMENT_INDEX].is_writable);
match instruction_data[0] {
INSTRUCTION_MODIFY => {
msg!("modify ro account");
assert_eq!(0, accounts[ARGUMENT_INDEX].try_borrow_data()?[0]);
accounts[ARGUMENT_INDEX].try_borrow_mut_data()?[0] = 1;
}
INSTRUCTION_INVOKE_MODIFY => {
msg!("invoke and modify ro account");
assert_eq!(0, accounts[ARGUMENT_INDEX].try_borrow_data()?[0]);
let instruction = Instruction {
program_id: *program_id,
accounts: vec![AccountMeta::new_readonly(
*accounts[ARGUMENT_INDEX].key,
false,
)],
data: vec![INSTRUCTION_MODIFY],
};
invoke(&instruction, accounts)?;
}
INSTRUCTION_MODIFY_INVOKE => {
msg!("modify and invoke ro account");
assert_eq!(0, accounts[ARGUMENT_INDEX].try_borrow_data()?[0]);
accounts[ARGUMENT_INDEX].try_borrow_mut_data()?[0] = 1;
let instruction = Instruction {
program_id: *program_id,
accounts: vec![AccountMeta::new_readonly(
*accounts[ARGUMENT_INDEX].key,
false,
)],
data: vec![INSTRUCTION_VERIFY_MODIFIED],
};
invoke(&instruction, accounts)?;
}
INSTRUCTION_VERIFY_MODIFIED => {
msg!("verify modified");
assert_eq!(1, accounts[ARGUMENT_INDEX].try_borrow_data()?[0])
}
_ => panic!("Unknown instruction"),
}
Ok(())
}

77
programs/bpf/tests/programs.rs
View File

@@ -17,7 +17,7 @@ use solana_bpf_loader_program::{
use solana_cli_output::display::println_transaction;
use solana_rbpf::{
static_analysis::Analysis,
vm::{Config, Executable, Tracer}
vm::{Config, Executable, Tracer},
};
use solana_runtime::{
bank::{Bank, ExecuteTimings, NonceRollbackInfo, TransactionBalancesSet, TransactionResults},
@@ -278,7 +278,6 @@ fn run_program(
&bpf_loader::id(),
parameter_accounts,
parameter_bytes.as_slice(),
true,
)
.unwrap();
}
@@ -757,6 +756,7 @@ fn test_program_bpf_invoke_sanity() {
const TEST_RETURN_ERROR: u8 = 11;
const TEST_PRIVILEGE_DEESCALATION_ESCALATION_SIGNER: u8 = 12;
const TEST_PRIVILEGE_DEESCALATION_ESCALATION_WRITABLE: u8 = 13;
const TEST_WRITABLE_DEESCALATION_WRITABLE: u8 = 14;
#[allow(dead_code)]
#[derive(Debug)]
@@ -874,7 +874,6 @@ fn test_program_bpf_invoke_sanity() {
invoked_program_id.clone(),
invoked_program_id.clone(),
invoked_program_id.clone(),
invoked_program_id.clone(),
],
Languages::Rust => vec![
solana_sdk::system_program::id(),
@@ -894,7 +893,6 @@ fn test_program_bpf_invoke_sanity() {
invoked_program_id.clone(),
invoked_program_id.clone(),
invoked_program_id.clone(),
invoked_program_id.clone(),
solana_sdk::system_program::id(),
],
};
@@ -1000,6 +998,12 @@ fn test_program_bpf_invoke_sanity() {
&[invoked_program_id.clone()],
);
do_invoke_failure_test_local(
TEST_WRITABLE_DEESCALATION_WRITABLE,
TransactionError::InstructionError(0, InstructionError::ReadonlyDataModified),
&[invoked_program_id.clone()],
);
// Check resulting state
assert_eq!(43, bank.get_balance(&derived_key1));
@@ -2454,3 +2458,68 @@ fn test_program_bpf_finalize() {
TransactionError::InstructionError(0, InstructionError::ProgramFailedToComplete)
);
}
#[cfg(feature = "bpf_rust")]
#[test]
fn test_program_bpf_ro_account_modify() {
solana_logger::setup();
let GenesisConfigInfo {
genesis_config,
mint_keypair,
..
} = create_genesis_config(50);
let mut bank = Bank::new(&genesis_config);
let (name, id, entrypoint) = solana_bpf_loader_program!();
bank.add_builtin(&name, id, entrypoint);
let bank = Arc::new(bank);
let bank_client = BankClient::new_shared(&bank);
let program_id = load_bpf_program(
&bank_client,
&bpf_loader::id(),
&mint_keypair,
"solana_bpf_rust_ro_account_modify",
);
let argument_keypair = Keypair::new();
let account = AccountSharedData::new(42, 100, &program_id);
bank.store_account(&argument_keypair.pubkey(), &account);
let from_keypair = Keypair::new();
let account = AccountSharedData::new(84, 0, &solana_sdk::system_program::id());
bank.store_account(&from_keypair.pubkey(), &account);
let mint_pubkey = mint_keypair.pubkey();
let account_metas = vec![
AccountMeta::new_readonly(argument_keypair.pubkey(), false),
AccountMeta::new_readonly(program_id, false),
];
let instruction = Instruction::new_with_bytes(program_id, &[0], account_metas.clone());
let message = Message::new(&[instruction], Some(&mint_pubkey));
let result = bank_client.send_and_confirm_message(&[&mint_keypair], message);
println!("result: {:?}", result);
assert_eq!(
result.unwrap_err().unwrap(),
TransactionError::InstructionError(0, InstructionError::ReadonlyDataModified)
);
let instruction = Instruction::new_with_bytes(program_id, &[1], account_metas.clone());
let message = Message::new(&[instruction], Some(&mint_pubkey));
let result = bank_client.send_and_confirm_message(&[&mint_keypair], message);
println!("result: {:?}", result);
assert_eq!(
result.unwrap_err().unwrap(),
TransactionError::InstructionError(0, InstructionError::ReadonlyDataModified)
);
let instruction = Instruction::new_with_bytes(program_id, &[2], account_metas.clone());
let message = Message::new(&[instruction], Some(&mint_pubkey));
let result = bank_client.send_and_confirm_message(&[&mint_keypair], message);
println!("result: {:?}", result);
assert_eq!(
result.unwrap_err().unwrap(),
TransactionError::InstructionError(0, InstructionError::ReadonlyDataModified)
);
}