Closed jstarry closed 3 years ago
Since native_invoke is only called for the bpf upgradeable program and that program doesn't modify caller accounts before invoking the native create account instruction, there shouldn't be any change of behavior before and after the fix.
@jackcmay I'm pretty sure https://github.com/solana-labs/solana/pull/19645 will be blocked on this issue FYI
What specifically do you think is blocking?
`caller_write_privileges` is constructed in the order of `keyed_account_indices` instead of `message.account_keys`, which contrasts with how `accounts` and `keyed_account_indices_reordered` are constructed. This means that if `keyed_account_indices` is not monotonically increasing, the write privileges can be incorrect. This is problematic because if a native program modifies any accounts before invoking another program, it's possible that the native program could be allowed to write to a read-only account that it owns. Or, it may be prevented from writing to a writable account that it owns.
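The ordering mismatch described in the comment above, as an added example that is not code from the solana repo: `KeyedAccount`, the `u8` keys and the message ordering (writable keys before read-only ones) are constructed stand-ins, and the function names mirror the identifiers in the issue.

```rust
#[derive(Clone, Copy, Debug, PartialEq, Eq)]
pub struct KeyedAccount {
    pub key: u8, // constructed placeholder for a Pubkey
    pub is_writable: bool,
}

/// Buggy construction: one flag per `keyed_account_indices` entry, in that order;
/// consumers index it by `message.account_keys` position, so it is wrong once the orders differ.
pub fn buggy_caller_write_privileges(caller: &[KeyedAccount], indices: &[usize]) -> Vec<bool> {
    indices.iter().map(|&i| caller[i].is_writable).collect()
}

/// Fixed construction: walk `message.account_keys` and look each key up among the
/// keyed accounts the caller passed, so flag i describes account_keys[i].
pub fn fixed_caller_write_privileges(
    caller: &[KeyedAccount],
    indices: &[usize],
    message_keys: &[u8],
) -> Vec<bool> {
    message_keys
        .iter()
        .map(|key| {
            indices
                .iter()
                .map(|&i| caller[i])
                .find(|ka| ka.key == *key)
                .map_or(false, |ka| ka.is_writable) // key not passed by caller: read-only
        })
        .collect()
}

/// Constructed case: the instruction lists caller accounts in non-monotonic index
/// order, and the message (assumed here) sorts writable keys ahead of read-only ones.
pub fn demo() -> (Vec<bool>, Vec<bool>, Vec<u8>) {
    let caller = [
        KeyedAccount { key: 10, is_writable: true },  // index 0
        KeyedAccount { key: 20, is_writable: false }, // index 1
        KeyedAccount { key: 30, is_writable: true },  // index 2
    ];
    let indices = [1usize, 2, 0]; // instruction order: 20, 30, 10
    let message_keys = vec![30u8, 10, 20]; // writable first, then read-only
    let buggy = buggy_caller_write_privileges(&caller, &indices);
    let fixed = fixed_caller_write_privileges(&caller, &indices, &message_keys);
    (buggy, fixed, message_keys) // positions 0 (key 30) and 2 (key 20) disagree
}

fn main() {
    let (buggy, fixed, keys) = demo();
    println!("keys {:?}\nbuggy {:?}\nfixed {:?}", keys, buggy, fixed);
}
```

In the buggy vector, writable key 30 at message position 0 is marked read-only and read-only key 20 at position 2 is marked writable, which are the two failure modes the comment describes.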
Problem
Caller write privileges are not created correctly for native CPI. The `caller_write_privileges` vector should match up with `message.account_keys` because they will be indexed into in the same way.
Proposed Solution
`message.account_keys`
A fix with no tests is in this branch: https://github.com/jstarry/solana/tree/fix-caller-write-privileges