From bdb77b0c982bdaa0272ebec663ac301bebe5e3c5 Mon Sep 17 00:00:00 2001
From: "mergify[bot]" <37929162+mergify[bot]@users.noreply.github.com>
Date: Fri, 27 Aug 2021 10:19:14 -0600
Subject: [PATCH] Add missing owner check to bpf loader close ix (#19460)
 (#19470)

(cherry picked from commit 4305d4b7b186be71a929fa32e78724a4674bdd65)

Co-authored-by: Justin Starry <justin@solana.com>
---
 programs/bpf_loader/src/lib.rs | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/programs/bpf_loader/src/lib.rs b/programs/bpf_loader/src/lib.rs
index 52452a7321..93ae42a35e 100644
--- a/programs/bpf_loader/src/lib.rs
+++ b/programs/bpf_loader/src/lib.rs
@@ -696,6 +696,10 @@ fn process_loader_upgradeable_instruction(
                         ic_logger_msg!(logger, "Program account is not writable");
                         return Err(InstructionError::InvalidArgument);
                     }
+                    if &program_account.owner()? != program_id {
+                        ic_logger_msg!(logger, "Program account not owned by loader");
+                        return Err(InstructionError::IncorrectProgramId);
+                    }
 
                     match program_account.state()? {
                         UpgradeableLoaderState::Program {