gaspersic/solana
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Limit deserialization of program inputs (#6522)

Browse Source
This commit is contained in:
Jack May
2019-10-23 19:56:07 -07:00
committed by GitHub
parent 955d0ab76f
commit ddefc96433
12 changed files with 42 additions and 52 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
programs/storage_api/src/storage_processor.rs
View File

@@ -5,6 +5,7 @@ use crate::storage_contract::StorageAccount;
use crate::storage_instruction::StorageInstruction;
use solana_sdk::account::KeyedAccount;
use solana_sdk::instruction::InstructionError;
use solana_sdk::instruction_processor_utils::limited_deserialize;
use solana_sdk::pubkey::Pubkey;
use solana_sdk::sysvar;
@@ -19,7 +20,7 @@ pub fn process_instruction(
let me_unsigned = me[0].signer_key().is_none();
let mut storage_account = StorageAccount::new(*me[0].unsigned_key(), &mut me[0].account);
match bincode::deserialize(data).map_err(|_| InstructionError::InvalidInstructionData)? {
match limited_deserialize(data)? {
StorageInstruction::InitializeStorage {
owner,
account_type,