gaspersic/solana
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Bail on all CPI errors (#14500)

Browse Source 
* Bail on all CPI errors

* whitespace
This commit is contained in:
Jack May
2021-01-08 18:27:39 -08:00
committed by GitHub
parent 638f225dc4
commit ec48631fc5
9 changed files with 127 additions and 110 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
programs/bpf/c/src/invoke/invoke.c
View File

@ -14,6 +14,7 @@ static const uint8_t TEST_CAP_SIGNERS = 7;
static const uint8_t TEST_ALLOC_ACCESS_VIOLATION = 8; static const uint8_t TEST_ALLOC_ACCESS_VIOLATION = 8;
static const uint8_t TEST_INSTRUCTION_DATA_TOO_LARGE = 9; static const uint8_t TEST_INSTRUCTION_DATA_TOO_LARGE = 9;
static const uint8_t TEST_INSTRUCTION_META_TOO_LARGE = 10; static const uint8_t TEST_INSTRUCTION_META_TOO_LARGE = 10;
static const uint8_t TEST_RETURN_ERROR = 11;
static const int MINT_INDEX = 0; static const int MINT_INDEX = 0;
static const int ARGUMENT_INDEX = 1; static const int ARGUMENT_INDEX = 1;
@ -112,7 +113,7 @@ extern uint64_t entrypoint(const uint8_t *input) {
{accounts[INVOKED_ARGUMENT_INDEX].key, true, true}, {accounts[INVOKED_ARGUMENT_INDEX].key, true, true},
{accounts[INVOKED_PROGRAM_INDEX].key, false, false}, {accounts[INVOKED_PROGRAM_INDEX].key, false, false},
{accounts[INVOKED_PROGRAM_DUP_INDEX].key, false, false}}; {accounts[INVOKED_PROGRAM_DUP_INDEX].key, false, false}};
uint8_t data[] = {TEST_VERIFY_TRANSLATIONS, 1, 2, 3, 4, 5}; uint8_t data[] = {VERIFY_TRANSLATIONS, 1, 2, 3, 4, 5};
const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key, const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key,
arguments, SOL_ARRAY_SIZE(arguments), arguments, SOL_ARRAY_SIZE(arguments),
data, SOL_ARRAY_SIZE(data)}; data, SOL_ARRAY_SIZE(data)};
@ -133,18 +134,6 @@ extern uint64_t entrypoint(const uint8_t *input) {
sol_invoke(&instruction, accounts, SOL_ARRAY_SIZE(accounts))); sol_invoke(&instruction, accounts, SOL_ARRAY_SIZE(accounts)));
} }
sol_log("Test return error");
{
SolAccountMeta arguments[] = {{accounts[ARGUMENT_INDEX].key, true, true}};
uint8_t data[] = {TEST_RETURN_ERROR};
const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key,
arguments, SOL_ARRAY_SIZE(arguments),
data, SOL_ARRAY_SIZE(data)};
sol_assert(42 ==
sol_invoke(&instruction, accounts, SOL_ARRAY_SIZE(accounts)));
}
sol_log("Test create_program_address"); sol_log("Test create_program_address");
{ {
uint8_t seed1[] = {'Y', 'o', 'u', ' ', 'p', 'a', 's', 's', uint8_t seed1[] = {'Y', 'o', 'u', ' ', 'p', 'a', 's', 's',
@ -183,7 +172,7 @@ extern uint64_t entrypoint(const uint8_t *input) {
{accounts[DERIVED_KEY1_INDEX].key, true, true}, {accounts[DERIVED_KEY1_INDEX].key, true, true},
{accounts[DERIVED_KEY2_INDEX].key, true, false}, {accounts[DERIVED_KEY2_INDEX].key, true, false},
{accounts[DERIVED_KEY3_INDEX].key, false, false}}; {accounts[DERIVED_KEY3_INDEX].key, false, false}};
uint8_t data[] = {TEST_DERIVED_SIGNERS, bump_seed2, bump_seed3}; uint8_t data[] = {DERIVED_SIGNERS, bump_seed2, bump_seed3};
const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key, const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key,
arguments, SOL_ARRAY_SIZE(arguments), arguments, SOL_ARRAY_SIZE(arguments),
data, SOL_ARRAY_SIZE(data)}; data, SOL_ARRAY_SIZE(data)};
@ -202,7 +191,7 @@ extern uint64_t entrypoint(const uint8_t *input) {
{ {
SolAccountMeta arguments[] = { SolAccountMeta arguments[] = {
{accounts[INVOKED_ARGUMENT_INDEX].key, true, false}}; {accounts[INVOKED_ARGUMENT_INDEX].key, true, false}};
uint8_t data[] = {TEST_VERIFY_WRITER}; uint8_t data[] = {VERIFY_WRITER};
const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key, const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key,
arguments, SOL_ARRAY_SIZE(arguments), arguments, SOL_ARRAY_SIZE(arguments),
data, SOL_ARRAY_SIZE(data)}; data, SOL_ARRAY_SIZE(data)};
@ -222,7 +211,7 @@ extern uint64_t entrypoint(const uint8_t *input) {
{accounts[INVOKED_ARGUMENT_INDEX].key, true, true}, {accounts[INVOKED_ARGUMENT_INDEX].key, true, true},
{accounts[ARGUMENT_INDEX].key, true, true}, {accounts[ARGUMENT_INDEX].key, true, true},
{accounts[INVOKED_PROGRAM_DUP_INDEX].key, false, false}}; {accounts[INVOKED_PROGRAM_DUP_INDEX].key, false, false}};
uint8_t data[] = {TEST_NESTED_INVOKE}; uint8_t data[] = {NESTED_INVOKE};
const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key, const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key,
arguments, SOL_ARRAY_SIZE(arguments), arguments, SOL_ARRAY_SIZE(arguments),
data, SOL_ARRAY_SIZE(data)}; data, SOL_ARRAY_SIZE(data)};
@ -252,7 +241,7 @@ extern uint64_t entrypoint(const uint8_t *input) {
sol_log("Test privilege escalation signer"); sol_log("Test privilege escalation signer");
SolAccountMeta arguments[] = { SolAccountMeta arguments[] = {
{accounts[DERIVED_KEY3_INDEX].key, false, false}}; {accounts[DERIVED_KEY3_INDEX].key, false, false}};
uint8_t data[] = {TEST_VERIFY_PRIVILEGE_ESCALATION}; uint8_t data[] = {VERIFY_PRIVILEGE_ESCALATION};
const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key, const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key,
arguments, SOL_ARRAY_SIZE(arguments), arguments, SOL_ARRAY_SIZE(arguments),
data, SOL_ARRAY_SIZE(data)}; data, SOL_ARRAY_SIZE(data)};
@ -268,7 +257,7 @@ extern uint64_t entrypoint(const uint8_t *input) {
sol_log("Test privilege escalation writable"); sol_log("Test privilege escalation writable");
SolAccountMeta arguments[] = { SolAccountMeta arguments[] = {
{accounts[DERIVED_KEY3_INDEX].key, false, false}}; {accounts[DERIVED_KEY3_INDEX].key, false, false}};
uint8_t data[] = {TEST_VERIFY_PRIVILEGE_ESCALATION}; uint8_t data[] = {VERIFY_PRIVILEGE_ESCALATION};
const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key, const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key,
arguments, SOL_ARRAY_SIZE(arguments), arguments, SOL_ARRAY_SIZE(arguments),
data, SOL_ARRAY_SIZE(data)}; data, SOL_ARRAY_SIZE(data)};
@ -284,7 +273,7 @@ extern uint64_t entrypoint(const uint8_t *input) {
sol_log("Test program not executable"); sol_log("Test program not executable");
SolAccountMeta arguments[] = { SolAccountMeta arguments[] = {
{accounts[DERIVED_KEY3_INDEX].key, false, false}}; {accounts[DERIVED_KEY3_INDEX].key, false, false}};
uint8_t data[] = {TEST_VERIFY_PRIVILEGE_ESCALATION}; uint8_t data[] = {VERIFY_PRIVILEGE_ESCALATION};
const SolInstruction instruction = {accounts[ARGUMENT_INDEX].key, arguments, const SolInstruction instruction = {accounts[ARGUMENT_INDEX].key, arguments,
SOL_ARRAY_SIZE(arguments), data, SOL_ARRAY_SIZE(arguments), data,
SOL_ARRAY_SIZE(data)}; SOL_ARRAY_SIZE(data)};
@ -437,6 +426,16 @@ extern uint64_t entrypoint(const uint8_t *input) {
break; break;
} }
case TEST_RETURN_ERROR: {
SolAccountMeta arguments[] = {{accounts[ARGUMENT_INDEX].key, true, true}};
uint8_t data[] = {RETURN_ERROR};
const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key,
arguments, SOL_ARRAY_SIZE(arguments),
data, SOL_ARRAY_SIZE(data)};
sol_invoke(&instruction, accounts, SOL_ARRAY_SIZE(accounts));
break;
}
default: default:
sol_panic(); sol_panic();
} }

15
programs/bpf/c/src/invoked/instruction.h
View File

@ -4,10 +4,11 @@
#include <solana_sdk.h> #include <solana_sdk.h>
const uint8_t TEST_VERIFY_TRANSLATIONS = 0; const uint8_t VERIFY_TRANSLATIONS = 0;
const uint8_t TEST_RETURN_ERROR = 1; const uint8_t RETURN_ERROR = 1;
const uint8_t TEST_DERIVED_SIGNERS = 2; const uint8_t DERIVED_SIGNERS = 2;
const uint8_t TEST_VERIFY_NESTED_SIGNERS = 3; const uint8_t VERIFY_NESTED_SIGNERS = 3;
const uint8_t TEST_VERIFY_WRITER = 4; const uint8_t VERIFY_WRITER = 4;
const uint8_t TEST_VERIFY_PRIVILEGE_ESCALATION = 5; const uint8_t VERIFY_PRIVILEGE_ESCALATION = 5;
const uint8_t TEST_NESTED_INVOKE = 6; const uint8_t NESTED_INVOKE = 6;
const uint8_t RETURN_OK = 7;

22
programs/bpf/c/src/invoked/invoked.c
View File

@ -17,7 +17,7 @@ extern uint64_t entrypoint(const uint8_t *input) {
} }
switch (params.data[0]) { switch (params.data[0]) {
case TEST_VERIFY_TRANSLATIONS: { case VERIFY_TRANSLATIONS: {
sol_log("verify data translations"); sol_log("verify data translations");
static const int ARGUMENT_INDEX = 0; static const int ARGUMENT_INDEX = 0;
@ -85,11 +85,15 @@ extern uint64_t entrypoint(const uint8_t *input) {
accounts[INVOKED_PROGRAM_DUP_INDEX].executable); accounts[INVOKED_PROGRAM_DUP_INDEX].executable);
break; break;
} }
case TEST_RETURN_ERROR: { case RETURN_OK: {
sol_log("return Ok");
return SUCCESS;
}
case RETURN_ERROR: {
sol_log("return error"); sol_log("return error");
return 42; return 42;
} }
case TEST_DERIVED_SIGNERS: { case DERIVED_SIGNERS: {
sol_log("verify derived signers"); sol_log("verify derived signers");
static const int INVOKED_PROGRAM_INDEX = 0; static const int INVOKED_PROGRAM_INDEX = 0;
static const int DERIVED_KEY1_INDEX = 1; static const int DERIVED_KEY1_INDEX = 1;
@ -108,7 +112,7 @@ extern uint64_t entrypoint(const uint8_t *input) {
{accounts[DERIVED_KEY1_INDEX].key, true, false}, {accounts[DERIVED_KEY1_INDEX].key, true, false},
{accounts[DERIVED_KEY2_INDEX].key, true, true}, {accounts[DERIVED_KEY2_INDEX].key, true, true},
{accounts[DERIVED_KEY3_INDEX].key, false, true}}; {accounts[DERIVED_KEY3_INDEX].key, false, true}};
uint8_t data[] = {TEST_VERIFY_NESTED_SIGNERS}; uint8_t data[] = {VERIFY_NESTED_SIGNERS};
const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key, const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key,
arguments, SOL_ARRAY_SIZE(arguments), arguments, SOL_ARRAY_SIZE(arguments),
data, SOL_ARRAY_SIZE(data)}; data, SOL_ARRAY_SIZE(data)};
@ -130,7 +134,7 @@ extern uint64_t entrypoint(const uint8_t *input) {
break; break;
} }
case TEST_VERIFY_NESTED_SIGNERS: { case VERIFY_NESTED_SIGNERS: {
sol_log("verify derived nested signers"); sol_log("verify derived nested signers");
static const int DERIVED_KEY1_INDEX = 0; static const int DERIVED_KEY1_INDEX = 0;
static const int DERIVED_KEY2_INDEX = 1; static const int DERIVED_KEY2_INDEX = 1;
@ -144,7 +148,7 @@ extern uint64_t entrypoint(const uint8_t *input) {
break; break;
} }
case TEST_VERIFY_WRITER: { case VERIFY_WRITER: {
sol_log("verify writable"); sol_log("verify writable");
static const int ARGUMENT_INDEX = 0; static const int ARGUMENT_INDEX = 0;
sol_assert(sol_deserialize(input, &params, 1)); sol_assert(sol_deserialize(input, &params, 1));
@ -152,11 +156,11 @@ extern uint64_t entrypoint(const uint8_t *input) {
sol_assert(accounts[ARGUMENT_INDEX].is_writable); sol_assert(accounts[ARGUMENT_INDEX].is_writable);
break; break;
} }
case TEST_VERIFY_PRIVILEGE_ESCALATION: { case VERIFY_PRIVILEGE_ESCALATION: {
sol_log("Success"); sol_log("Success");
break; break;
} }
case TEST_NESTED_INVOKE: { case NESTED_INVOKE: {
sol_log("invoke"); sol_log("invoke");
static const int INVOKED_ARGUMENT_INDEX = 0; static const int INVOKED_ARGUMENT_INDEX = 0;
@ -179,7 +183,7 @@ extern uint64_t entrypoint(const uint8_t *input) {
SolAccountMeta arguments[] = { SolAccountMeta arguments[] = {
{accounts[INVOKED_ARGUMENT_INDEX].key, true, true}, {accounts[INVOKED_ARGUMENT_INDEX].key, true, true},
{accounts[ARGUMENT_INDEX].key, true, true}}; {accounts[ARGUMENT_INDEX].key, true, true}};
uint8_t data[] = {TEST_NESTED_INVOKE}; uint8_t data[] = {NESTED_INVOKE};
const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key, const SolInstruction instruction = {accounts[INVOKED_PROGRAM_INDEX].key,
arguments, SOL_ARRAY_SIZE(arguments), arguments, SOL_ARRAY_SIZE(arguments),
data, SOL_ARRAY_SIZE(data)}; data, SOL_ARRAY_SIZE(data)};

64
programs/bpf/rust/invoke/src/lib.rs
View File

@ -26,6 +26,7 @@ const TEST_CAP_SIGNERS: u8 = 7;
const TEST_ALLOC_ACCESS_VIOLATION: u8 = 8; const TEST_ALLOC_ACCESS_VIOLATION: u8 = 8;
const TEST_INSTRUCTION_DATA_TOO_LARGE: u8 = 9; const TEST_INSTRUCTION_DATA_TOO_LARGE: u8 = 9;
const TEST_INSTRUCTION_META_TOO_LARGE: u8 = 10; const TEST_INSTRUCTION_META_TOO_LARGE: u8 = 10;
const TEST_RETURN_ERROR: u8 = 11;
// const MINT_INDEX: usize = 0; // const MINT_INDEX: usize = 0;
const ARGUMENT_INDEX: usize = 1; const ARGUMENT_INDEX: usize = 1;
@ -122,7 +123,7 @@ fn process_instruction(
(accounts[INVOKED_PROGRAM_INDEX].key, false, false), (accounts[INVOKED_PROGRAM_INDEX].key, false, false),
(accounts[INVOKED_PROGRAM_DUP_INDEX].key, false, false), (accounts[INVOKED_PROGRAM_DUP_INDEX].key, false, false),
], ],
vec![TEST_VERIFY_TRANSLATIONS, 1, 2, 3, 4, 5], vec![VERIFY_TRANSLATIONS, 1, 2, 3, 4, 5],
); );
invoke(&instruction, accounts)?; invoke(&instruction, accounts)?;
} }
@ -137,29 +138,6 @@ fn process_instruction(
invoke(&instruction, accounts)?; invoke(&instruction, accounts)?;
} }
msg!("Test return error");
{
assert_eq!(
10,
**accounts[INVOKED_ARGUMENT_INDEX].try_borrow_lamports()?
);
assert_eq!(0, accounts[INVOKED_ARGUMENT_INDEX].try_borrow_data()?[0]);
let instruction = create_instruction(
*accounts[INVOKED_PROGRAM_INDEX].key,
&[(accounts[INVOKED_ARGUMENT_INDEX].key, false, true)],
vec![TEST_RETURN_ERROR],
);
assert_eq!(
invoke(&instruction, accounts),
Err(ProgramError::Custom(42))
);
assert_eq!(
10,
**accounts[INVOKED_ARGUMENT_INDEX].try_borrow_lamports()?
);
assert_eq!(0, accounts[INVOKED_ARGUMENT_INDEX].try_borrow_data()?[0]);
}
msg!("Test refcell usage"); msg!("Test refcell usage");
{ {
let writable = INVOKED_ARGUMENT_INDEX; let writable = INVOKED_ARGUMENT_INDEX;
@ -171,14 +149,11 @@ fn process_instruction(
(accounts[writable].key, true, true), (accounts[writable].key, true, true),
(accounts[readable].key, false, false), (accounts[readable].key, false, false),
], ],
vec![TEST_RETURN_ERROR, 1, 2, 3, 4, 5], vec![RETURN_OK, 1, 2, 3, 4, 5],
); );
// success with this account configuration as a check // success with this account configuration as a check
assert_eq!( invoke(&instruction, accounts)?;
invoke(&instruction, accounts),
Err(ProgramError::Custom(42))
);
{ {
// writable but lamports borrow_mut'd // writable but lamports borrow_mut'd
@ -231,18 +206,12 @@ fn process_instruction(
{ {
// readable but lamports borrow'd // readable but lamports borrow'd
let _ref_mut = accounts[readable].try_borrow_lamports()?; let _ref_mut = accounts[readable].try_borrow_lamports()?;
assert_eq!( invoke(&instruction, accounts)?;
invoke(&instruction, accounts),
Err(ProgramError::Custom(42))
);
} }
{ {
// readable but data borrow'd // readable but data borrow'd
let _ref_mut = accounts[readable].try_borrow_data()?; let _ref_mut = accounts[readable].try_borrow_data()?;
assert_eq!( invoke(&instruction, accounts)?;
invoke(&instruction, accounts),
Err(ProgramError::Custom(42))
);
} }
} }
@ -289,7 +258,7 @@ fn process_instruction(
(accounts[DERIVED_KEY2_INDEX].key, true, false), (accounts[DERIVED_KEY2_INDEX].key, true, false),
(accounts[DERIVED_KEY3_INDEX].key, false, false), (accounts[DERIVED_KEY3_INDEX].key, false, false),
], ],
vec![TEST_DERIVED_SIGNERS, bump_seed2, bump_seed3], vec![DERIVED_SIGNERS, bump_seed2, bump_seed3],
); );
invoke_signed( invoke_signed(
&invoked_instruction, &invoked_instruction,
@ -303,7 +272,7 @@ fn process_instruction(
let invoked_instruction = create_instruction( let invoked_instruction = create_instruction(
*accounts[INVOKED_PROGRAM_INDEX].key, *accounts[INVOKED_PROGRAM_INDEX].key,
&[(accounts[ARGUMENT_INDEX].key, false, true)], &[(accounts[ARGUMENT_INDEX].key, false, true)],
vec![TEST_VERIFY_WRITER], vec![VERIFY_WRITER],
); );
invoke(&invoked_instruction, accounts)?; invoke(&invoked_instruction, accounts)?;
} }
@ -324,7 +293,7 @@ fn process_instruction(
(accounts[INVOKED_PROGRAM_DUP_INDEX].key, false, false), (accounts[INVOKED_PROGRAM_DUP_INDEX].key, false, false),
(accounts[INVOKED_PROGRAM_DUP_INDEX].key, false, false), (accounts[INVOKED_PROGRAM_DUP_INDEX].key, false, false),
], ],
vec![TEST_NESTED_INVOKE], vec![NESTED_INVOKE],
); );
invoke(&instruction, accounts)?; invoke(&instruction, accounts)?;
msg!("2nd invoke from first program"); msg!("2nd invoke from first program");
@ -354,7 +323,7 @@ fn process_instruction(
let mut invoked_instruction = create_instruction( let mut invoked_instruction = create_instruction(
*accounts[INVOKED_PROGRAM_INDEX].key, *accounts[INVOKED_PROGRAM_INDEX].key,
&[(accounts[DERIVED_KEY3_INDEX].key, false, false)], &[(accounts[DERIVED_KEY3_INDEX].key, false, false)],
vec![TEST_VERIFY_PRIVILEGE_ESCALATION], vec![VERIFY_PRIVILEGE_ESCALATION],
); );
invoke(&invoked_instruction, accounts)?; invoke(&invoked_instruction, accounts)?;
@ -367,7 +336,7 @@ fn process_instruction(
let mut invoked_instruction = create_instruction( let mut invoked_instruction = create_instruction(
*accounts[INVOKED_PROGRAM_INDEX].key, *accounts[INVOKED_PROGRAM_INDEX].key,
&[(accounts[DERIVED_KEY3_INDEX].key, false, false)], &[(accounts[DERIVED_KEY3_INDEX].key, false, false)],
vec![TEST_VERIFY_PRIVILEGE_ESCALATION], vec![VERIFY_PRIVILEGE_ESCALATION],
); );
invoke(&invoked_instruction, accounts)?; invoke(&invoked_instruction, accounts)?;
@ -381,7 +350,7 @@ fn process_instruction(
let instruction = create_instruction( let instruction = create_instruction(
*accounts[ARGUMENT_INDEX].key, *accounts[ARGUMENT_INDEX].key,
&[(accounts[ARGUMENT_INDEX].key, true, true)], &[(accounts[ARGUMENT_INDEX].key, true, true)],
vec![TEST_RETURN_ERROR], vec![RETURN_OK],
); );
invoke(&instruction, accounts)?; invoke(&instruction, accounts)?;
} }
@ -514,6 +483,15 @@ fn process_instruction(
); );
invoke_signed(&instruction, &[], &[])?; invoke_signed(&instruction, &[], &[])?;
} }
TEST_RETURN_ERROR => {
msg!("Test return error");
let instruction = create_instruction(
*accounts[INVOKED_PROGRAM_INDEX].key,
&[(accounts[INVOKED_ARGUMENT_INDEX].key, false, true)],
vec![RETURN_ERROR],
);
let _ = invoke(&instruction, accounts);
}
_ => panic!(), _ => panic!(),
} }

15
programs/bpf/rust/invoked/src/instruction.rs
View File

@ -5,13 +5,14 @@ use solana_program::{
pubkey::Pubkey, pubkey::Pubkey,
}; };
pub const TEST_VERIFY_TRANSLATIONS: u8 = 0; pub const VERIFY_TRANSLATIONS: u8 = 0;
pub const TEST_RETURN_ERROR: u8 = 1; pub const RETURN_ERROR: u8 = 1;
pub const TEST_DERIVED_SIGNERS: u8 = 2; pub const DERIVED_SIGNERS: u8 = 2;
pub const TEST_VERIFY_NESTED_SIGNERS: u8 = 3; pub const VERIFY_NESTED_SIGNERS: u8 = 3;
pub const TEST_VERIFY_WRITER: u8 = 4; pub const VERIFY_WRITER: u8 = 4;
pub const TEST_VERIFY_PRIVILEGE_ESCALATION: u8 = 5; pub const VERIFY_PRIVILEGE_ESCALATION: u8 = 5;
pub const TEST_NESTED_INVOKE: u8 = 6; pub const NESTED_INVOKE: u8 = 6;
pub const RETURN_OK: u8 = 7;
pub fn create_instruction( pub fn create_instruction(
program_id: Pubkey, program_id: Pubkey,

30
programs/bpf/rust/invoked/src/processor.rs
View File

@ -27,7 +27,7 @@ fn process_instruction(
} }
match instruction_data[0] { match instruction_data[0] {
TEST_VERIFY_TRANSLATIONS => { VERIFY_TRANSLATIONS => {
msg!("verify data translations"); msg!("verify data translations");
const ARGUMENT_INDEX: usize = 0; const ARGUMENT_INDEX: usize = 0;
@ -105,19 +105,15 @@ fn process_instruction(
msg!(data[0], 0, 0, 0, 0); msg!(data[0], 0, 0, 0, 0);
} }
} }
TEST_RETURN_ERROR => { RETURN_OK => {
msg!("Ok");
return Ok(());
}
RETURN_ERROR => {
msg!("return error"); msg!("return error");
const ARGUMENT_INDEX: usize = 0;
// modify lamports that should be dropped
assert_eq!(10, **accounts[ARGUMENT_INDEX].try_borrow_lamports()?);
**accounts[ARGUMENT_INDEX].try_borrow_mut_lamports()? += 1;
// modify data that should be dropped
assert_eq!(0, accounts[ARGUMENT_INDEX].try_borrow_mut_data()?[0]);
accounts[ARGUMENT_INDEX].try_borrow_mut_data()?[0] = 1;
return Err(ProgramError::Custom(42)); return Err(ProgramError::Custom(42));
} }
TEST_DERIVED_SIGNERS => { DERIVED_SIGNERS => {
msg!("verify derived signers"); msg!("verify derived signers");
const INVOKED_PROGRAM_INDEX: usize = 0; const INVOKED_PROGRAM_INDEX: usize = 0;
const DERIVED_KEY1_INDEX: usize = 1; const DERIVED_KEY1_INDEX: usize = 1;
@ -137,7 +133,7 @@ fn process_instruction(
(accounts[DERIVED_KEY2_INDEX].key, true, true), (accounts[DERIVED_KEY2_INDEX].key, true, true),
(accounts[DERIVED_KEY3_INDEX].key, false, true), (accounts[DERIVED_KEY3_INDEX].key, false, true),
], ],
vec![TEST_VERIFY_NESTED_SIGNERS], vec![VERIFY_NESTED_SIGNERS],
); );
invoke_signed( invoke_signed(
&invoked_instruction, &invoked_instruction,
@ -148,7 +144,7 @@ fn process_instruction(
], ],
)?; )?;
} }
TEST_VERIFY_NESTED_SIGNERS => { VERIFY_NESTED_SIGNERS => {
msg!("verify nested derived signers"); msg!("verify nested derived signers");
const DERIVED_KEY1_INDEX: usize = 0; const DERIVED_KEY1_INDEX: usize = 0;
const DERIVED_KEY2_INDEX: usize = 1; const DERIVED_KEY2_INDEX: usize = 1;
@ -158,16 +154,16 @@ fn process_instruction(
assert!(accounts[DERIVED_KEY2_INDEX].is_signer); assert!(accounts[DERIVED_KEY2_INDEX].is_signer);
assert!(accounts[DERIVED_KEY3_INDEX].is_signer); assert!(accounts[DERIVED_KEY3_INDEX].is_signer);
} }
TEST_VERIFY_WRITER => { VERIFY_WRITER => {
msg!("verify writable"); msg!("verify writable");
const ARGUMENT_INDEX: usize = 0; const ARGUMENT_INDEX: usize = 0;
assert!(!accounts[ARGUMENT_INDEX].is_writable); assert!(!accounts[ARGUMENT_INDEX].is_writable);
} }
TEST_VERIFY_PRIVILEGE_ESCALATION => { VERIFY_PRIVILEGE_ESCALATION => {
msg!("Success"); msg!("Success");
} }
TEST_NESTED_INVOKE => { NESTED_INVOKE => {
msg!("nested invoke"); msg!("nested invoke");
const ARGUMENT_INDEX: usize = 0; const ARGUMENT_INDEX: usize = 0;
@ -186,7 +182,7 @@ fn process_instruction(
(accounts[ARGUMENT_INDEX].key, true, true), (accounts[ARGUMENT_INDEX].key, true, true),
(accounts[INVOKED_ARGUMENT_INDEX].key, true, true), (accounts[INVOKED_ARGUMENT_INDEX].key, true, true),
], ],
vec![TEST_NESTED_INVOKE], vec![NESTED_INVOKE],
); );
invoke(&invoked_instruction, accounts)?; invoke(&invoked_instruction, accounts)?;
} else { } else {

31
programs/bpf/tests/programs.rs
View File

@ -568,6 +568,7 @@ fn test_program_bpf_invoke() {
const TEST_ALLOC_ACCESS_VIOLATION: u8 = 8; const TEST_ALLOC_ACCESS_VIOLATION: u8 = 8;
const TEST_INSTRUCTION_DATA_TOO_LARGE: u8 = 9; const TEST_INSTRUCTION_DATA_TOO_LARGE: u8 = 9;
const TEST_INSTRUCTION_META_TOO_LARGE: u8 = 10; const TEST_INSTRUCTION_META_TOO_LARGE: u8 = 10;
const TEST_RETURN_ERROR: u8 = 11;
#[allow(dead_code)] #[allow(dead_code)]
#[derive(Debug)] #[derive(Debug)]
@ -683,7 +684,6 @@ fn test_program_bpf_invoke() {
invoked_program_id.clone(), invoked_program_id.clone(),
invoked_program_id.clone(), invoked_program_id.clone(),
invoked_program_id.clone(), invoked_program_id.clone(),
invoked_program_id.clone(),
], ],
Languages::Rust => vec![ Languages::Rust => vec![
solana_sdk::system_program::id(), solana_sdk::system_program::id(),
@ -700,9 +700,9 @@ fn test_program_bpf_invoke() {
invoked_program_id.clone(), invoked_program_id.clone(),
invoked_program_id.clone(), invoked_program_id.clone(),
invoked_program_id.clone(), invoked_program_id.clone(),
invoked_program_id.clone(),
], ],
}; };
assert_eq!(invoked_programs.len(), expected_invoked_programs.len());
assert_eq!(invoked_programs, expected_invoked_programs); assert_eq!(invoked_programs, expected_invoked_programs);
let no_invoked_programs: Vec<Pubkey> = inner_instructions[1] let no_invoked_programs: Vec<Pubkey> = inner_instructions[1]
@ -960,6 +960,33 @@ fn test_program_bpf_invoke() {
TransactionError::InstructionError(0, InstructionError::ComputationalBudgetExceeded) TransactionError::InstructionError(0, InstructionError::ComputationalBudgetExceeded)
); );
let instruction = Instruction::new(
invoke_program_id,
&[TEST_RETURN_ERROR, bump_seed1, bump_seed2, bump_seed3],
account_metas.clone(),
);
let message = Message::new(&[instruction], Some(&mint_pubkey));
let tx = Transaction::new(
&[
&mint_keypair,
&argument_keypair,
&invoked_argument_keypair,
&from_keypair,
],
message.clone(),
bank.last_blockhash(),
);
let (result, inner_instructions) = process_transaction_and_record_inner(&bank, tx);
let invoked_programs: Vec<Pubkey> = inner_instructions[0]
.iter()
.map(|ix| message.account_keys[ix.program_id_index as usize].clone())
.collect();
assert_eq!(invoked_programs, vec![invoked_program_id.clone()]);
assert_eq!(
result.unwrap_err(),
TransactionError::InstructionError(0, InstructionError::Custom(42))
);
// Check final state // Check final state
assert_eq!(43, bank.get_balance(&derived_key1)); assert_eq!(43, bank.get_balance(&derived_key1));

18
programs/bpf_loader/src/syscalls.rs
View File

@ -17,8 +17,8 @@ use solana_sdk::{
bpf_loader_upgradeable::{self, UpgradeableLoaderState}, bpf_loader_upgradeable::{self, UpgradeableLoaderState},
entrypoint::{MAX_PERMITTED_DATA_INCREASE, SUCCESS}, entrypoint::{MAX_PERMITTED_DATA_INCREASE, SUCCESS},
feature_set::{ feature_set::{
limit_cpi_loader_invoke, pubkey_log_syscall_enabled, ristretto_mul_syscall_enabled, abort_on_all_cpi_failures, limit_cpi_loader_invoke, pubkey_log_syscall_enabled,
sha256_syscall_enabled, sol_log_compute_units_syscall, ristretto_mul_syscall_enabled, sha256_syscall_enabled, sol_log_compute_units_syscall,
try_find_program_address_syscall_enabled, use_loaded_program_accounts, try_find_program_address_syscall_enabled, use_loaded_program_accounts,
}, },
hash::{Hasher, HASH_BYTES}, hash::{Hasher, HASH_BYTES},
@ -1503,10 +1503,16 @@ fn call<'a>(
*(&mut *invoke_context), *(&mut *invoke_context),
) { ) {
Ok(()) => (), Ok(()) => (),
Err(err) => match ProgramError::try_from(err) { Err(err) => {
Ok(err) => return Ok(err.into()), if invoke_context.is_feature_active(&abort_on_all_cpi_failures::id()) {
Err(err) => return Err(SyscallError::InstructionError(err).into()), return Err(SyscallError::InstructionError(err).into());
}, } else {
match ProgramError::try_from(err) {
Ok(err) => return Ok(err.into()),
Err(err) => return Err(SyscallError::InstructionError(err).into()),
}
}
}
} }
// Copy results back to caller // Copy results back to caller

5
sdk/src/feature_set.rs
View File

@ -130,6 +130,10 @@ pub mod use_loaded_program_accounts {
solana_sdk::declare_id!("FLjgLeg1PJkZimQCVa5sVFtaq6VmSDPw3NvH8iQ3nyHn"); solana_sdk::declare_id!("FLjgLeg1PJkZimQCVa5sVFtaq6VmSDPw3NvH8iQ3nyHn");
} }
pub mod abort_on_all_cpi_failures {
solana_sdk::declare_id!("ED5D5a2hQaECHaMmKpnU48GdsfafdCjkb3pgAw5RKbb2");
}
lazy_static! { lazy_static! {
/// Map of feature identifiers to user-visible description /// Map of feature identifiers to user-visible description
pub static ref FEATURE_NAMES: HashMap<Pubkey, &'static str> = [ pub static ref FEATURE_NAMES: HashMap<Pubkey, &'static str> = [
@ -164,6 +168,7 @@ lazy_static! {
(max_cpi_instruction_size_ipv6_mtu::id(), "Max cross-program invocation size 1280"), (max_cpi_instruction_size_ipv6_mtu::id(), "Max cross-program invocation size 1280"),
(limit_cpi_loader_invoke::id(), "Loader not authorized via CPI"), (limit_cpi_loader_invoke::id(), "Loader not authorized via CPI"),
(use_loaded_program_accounts::id(), "Use loaded program accounts"), (use_loaded_program_accounts::id(), "Use loaded program accounts"),
(abort_on_all_cpi_failures::id(), "Abort on all CPI failures"),
/*************** ADD NEW FEATURES HERE ***************/ /*************** ADD NEW FEATURES HERE ***************/
] ]
.iter() .iter()