Skip to content
This repository has been archived by the owner on Jan 22, 2025. It is now read-only.

Sanitize instruction index when loading instruction from sysvar #15942

Merged
merged 1 commit into from
Mar 19, 2021
Merged

Sanitize instruction index when loading instruction from sysvar #15942

merged 1 commit into from
Mar 19, 2021

Conversation

jstarry
Copy link
Contributor

@jstarry jstarry commented Mar 17, 2021

Problem

The sysvar::instructions::load_instruction_at sdk method doesn't sanitize the index when loading an instruction. Context: solana-labs/solana-program-library#1444 (comment)

Summary of Changes

  • Return sanitization error if index is not below the number of instructions

Fixes #

@jstarry jstarry force-pushed the sanitize-ix-index branch from e133902 to c1bd348 Compare March 18, 2021 00:49
@codecov
Copy link

codecov bot commented Mar 18, 2021

Codecov Report

Merging #15942 (c1bd348) into master (04c99cf) will decrease coverage by 0.0%.
The diff coverage is 100.0%.

@@            Coverage Diff            @@
##           master   #15942     +/-   ##
=========================================
- Coverage    80.0%    80.0%   -0.1%     
=========================================
  Files         409      409             
  Lines      106757   106767     +10     
=========================================
- Hits        85437    85431      -6     
- Misses      21320    21336     +16

@jstarry jstarry requested a review from sakridge March 18, 2021 02:25
@ryoqun
Copy link
Contributor

ryoqun commented Mar 18, 2021

maybe, this needs feature gate?

@t-nelson
Copy link
Contributor

maybe, this needs feature gate?

I think offenders are already crashing

@jstarry
Copy link
Contributor Author

jstarry commented Mar 19, 2021

maybe, this needs feature gate?

This is an sdk method that would be compiled into a bpf binary, not in the runtime afaik

@jstarry jstarry changed the title Santize instruction index when loading instruction from sysvar Sanitize instruction index when loading instruction from sysvar Mar 19, 2021
@jstarry
Copy link
Contributor Author

jstarry commented Mar 19, 2021

got a 👍🏻 from @sakridge

@jstarry jstarry merged commit 4c5660b into solana-labs:master Mar 19, 2021
@jstarry jstarry deleted the sanitize-ix-index branch March 19, 2021 01:32
mergify bot pushed a commit that referenced this pull request Mar 19, 2021
@jstarry
Santize instruction index when loading instruction from sysvar (#15942)
23f57fd 
(cherry picked from commit 4c5660b)
@mergify mergify bot mentioned this pull request Mar 19, 2021
Merged
mergify bot pushed a commit that referenced this pull request Mar 19, 2021
@jstarry
Santize instruction index when loading instruction from sysvar (#15942)
4423acb 
(cherry picked from commit 4c5660b)
@mergify mergify bot mentioned this pull request Mar 19, 2021
Merged
mergify bot added a commit that referenced this pull request Mar 19, 2021
@mergify @jstarry
Santize instruction index when loading instruction from sysvar (#15942)…
c2ce68a 
… (#16004)

(cherry picked from commit 4c5660b)

Co-authored-by: Justin Starry <justin@solana.com>
jstarry added a commit that referenced this pull request Mar 19, 2021
@mergify @jstarry
Santize instruction index when loading instruction from sysvar (#15942)…
57833a3 
… (#16003)

(cherry picked from commit 4c5660b)

Co-authored-by: Justin Starry <justin@solana.com>
@leofisG leofisG mentioned this pull request Mar 21, 2021
Merged
@brooksprumo brooksprumo mentioned this pull request Aug 23, 2021
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@sakridge sakridge Awaiting requested review from sakridge

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jstarry @ryoqun @t-nelson