Skip to content

Commit

Permalink
Add non-anchor tests and update anchor tests
Browse files Browse the repository at this point in the history
  • Loading branch information
Vara Prasad Bandaru committed Mar 5, 2024
1 parent c392cf3 commit 7210d7e
Show file tree
Hide file tree
Showing 13 changed files with 174 additions and 18 deletions.
6 changes: 5 additions & 1 deletion crate/diffs/missing_signer_check.diff
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ diff -r -x Cargo.lock ./insecure/src/lib.rs ../../../../lints/missing_signer_che
> #[allow(dead_code)]
> fn main() {}
Only in ../../../../lints/missing_signer_check/ui/insecure/src: lib.stderr
Only in ../../../../lints/missing_signer_check/ui: insecure-non-anchor
diff -r -x Cargo.lock ./recommended/Cargo.toml ../../../../lints/missing_signer_check/ui/recommended/Cargo.toml
19c19,21
< anchor-lang = "0.20.0"
Expand All @@ -40,8 +41,11 @@ diff -r -x Cargo.lock ./secure/Cargo.toml ../../../../lints/missing_signer_check
diff -r -x Cargo.lock ./secure/src/lib.rs ../../../../lints/missing_signer_check/ui/secure/src/lib.rs
1a2
> use anchor_lang::solana_program::entrypoint::ProgramResult;
21a23,25
21a23,27
>
> // This is a false positive as the lint does not check for `is_signer` checks if the
> // program is an anchor program. The lint should be updated to remove the false positive.
> #[allow(dead_code)]
> fn main() {}
Only in ../../../../lints/missing_signer_check/ui/secure/src: lib.stderr
Only in ../../../../lints/missing_signer_check/ui: secure-non-anchor
17 changes: 9 additions & 8 deletions lints/missing_signer_check/Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

9 changes: 9 additions & 0 deletions lints/missing_signer_check/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,14 @@ path = "ui/recommended/src/lib.rs"
name = "secure"
path = "ui/secure/src/lib.rs"

[[example]]
name = "insecure-non-anchor"
path = "ui/insecure-non-anchor/src/lib.rs"

[[example]]
name = "secure-non-anchor"
path = "ui/secure-non-anchor/src/lib.rs"

[dependencies]
anchor-syn = "0.29.0"
clippy_utils = { git = "https://github.com/rust-lang/rust-clippy", rev = "ac4c2094a6030530661bee3876e0228ddfeb6b8b" }
Expand All @@ -31,6 +39,7 @@ solana-lints = { path = "../../crate" }
[dev-dependencies]
anchor-lang = "0.29"
dylint_testing = "2.6"
solana-program = "1.18.4"

[workspace]

Expand Down
14 changes: 12 additions & 2 deletions lints/missing_signer_check/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -117,7 +117,7 @@ impl<'tcx> LateLintPass<'tcx> for MissingSignerCheck {
/// Return true if any of the expression in body has type `AccountInfo` (`solana_program::account_info::AccountInfo`)
fn body_uses_account_info<'tcx>(cx: &LateContext<'tcx>, body: &'tcx Body<'tcx>) -> bool {
visit_expr_no_bodies(body.value, |expr| {
let ty = cx.typeck_results().expr_ty(expr);
let ty = cx.typeck_results().expr_ty(expr).peel_refs();
match_type(cx, ty, &paths::SOLANA_PROGRAM_ACCOUNT_INFO)
})
}
Expand Down Expand Up @@ -181,7 +181,7 @@ fn is_is_signer_use<'tcx>(cx: &LateContext<'tcx>, expr: &Expr<'tcx>) -> bool {
if let ExprKind::Field(object, field_name) = expr.kind;
if field_name.as_str() == "is_signer";
// type of `x` is AccountInfo
let ty = cx.typeck_results().expr_ty(object);
let ty = cx.typeck_results().expr_ty(object).peel_refs();
if match_type(cx, ty, &paths::SOLANA_PROGRAM_ACCOUNT_INFO);
then {
true
Expand Down Expand Up @@ -307,3 +307,13 @@ fn recommended() {
fn secure() {
dylint_testing::ui_test_example(env!("CARGO_PKG_NAME"), "secure");
}

#[test]
fn insecure_non_anchor() {
dylint_testing::ui_test_example(env!("CARGO_PKG_NAME"), "insecure-non-anchor");
}

#[test]
fn secure_non_anchor() {
dylint_testing::ui_test_example(env!("CARGO_PKG_NAME"), "secure-non-anchor");
}
21 changes: 21 additions & 0 deletions lints/missing_signer_check/ui/insecure-non-anchor/Cargo.toml
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
[package]
name = "signer-authorization-insecure-non-anchor"
version = "0.1.0"
description = ""
edition = "2018"

[lib]
crate-type = ["cdylib", "lib"]
name = "signer_authorization_insecure_non_anchor"

[features]
no-entrypoint = []
no-idl = []
no-log-ix-name = []
cpi = ["no-entrypoint"]
default = []

[dependencies]
solana-program = "1.18.4"

[workspace]
29 changes: 29 additions & 0 deletions lints/missing_signer_check/ui/insecure-non-anchor/src/lib.rs
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
use solana_program::msg;
use solana_program::{
account_info::{next_account_info, AccountInfo},
entrypoint,
entrypoint::ProgramResult,
program_error::ProgramError,
pubkey::Pubkey,
};

entrypoint!(process_instruction);
fn process_instruction(
_program_id: &Pubkey,
accounts: &[AccountInfo],
instruction_data: &[u8],
) -> ProgramResult {
if instruction_data.len() != 0 {
return Err(ProgramError::InvalidInstructionData);
}
log_message(accounts)
}

pub fn log_message(accounts: &[AccountInfo]) -> ProgramResult {
let authority = next_account_info(&mut accounts.iter())?;
msg!("GM {:?}", authority);
Ok(())
}

#[allow(dead_code)]
fn main() {}
15 changes: 15 additions & 0 deletions lints/missing_signer_check/ui/insecure-non-anchor/src/lib.stderr
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
error: this function lacks a use of `is_signer`
--> $DIR/lib.rs:22:1
|
LL | / pub fn log_message(accounts: &[AccountInfo]) -> ProgramResult {
LL | | let authority = next_account_info(&mut accounts.iter())?;
LL | | msg!("GM {:?}", authority);
LL | | Ok(())
LL | | }
| |_^
|
= note: `-D missing-signer-check` implied by `-D warnings`
= help: to override `-D warnings` add `#[allow(missing_signer_check)]`

error: aborting due to 1 previous error

13 changes: 6 additions & 7 deletions lints/missing_signer_check/ui/insecure/src/lib.stderr
Original file line number Diff line number Diff line change
@@ -1,11 +1,10 @@
error: this function lacks a use of `is_signer`
--> $DIR/lib.rs:10:5
error: Account `authority` might need to be a signer
--> $DIR/lib.rs:18:5
|
LL | / pub fn log_message(ctx: Context<LogMessage>) -> ProgramResult {
LL | | msg!("GM {}", ctx.accounts.authority.key().to_string());
LL | | Ok(())
LL | | }
| |_____^
LL | pub struct LogMessage<'info> {
| ---------- Accounts of this instruction
LL | authority: AccountInfo<'info>,
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: `-D missing-signer-check` implied by `-D warnings`
= help: to override `-D warnings` add `#[allow(missing_signer_check)]`
Expand Down
21 changes: 21 additions & 0 deletions lints/missing_signer_check/ui/secure-non-anchor/Cargo.toml
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
[package]
name = "signer-authorization-secure-non-anchor"
version = "0.1.0"
description = ""
edition = "2018"

[lib]
crate-type = ["cdylib", "lib"]
name = "signer_authorization_secure_non_anchor"

[features]
no-entrypoint = []
no-idl = []
no-log-ix-name = []
cpi = ["no-entrypoint"]
default = []

[dependencies]
solana-program = "1.18.4"

[workspace]
32 changes: 32 additions & 0 deletions lints/missing_signer_check/ui/secure-non-anchor/src/lib.rs
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
use solana_program::msg;
use solana_program::{
account_info::{next_account_info, AccountInfo},
entrypoint,
entrypoint::ProgramResult,
program_error::ProgramError,
pubkey::Pubkey,
};

entrypoint!(process_instruction);
fn process_instruction(
_program_id: &Pubkey,
accounts: &[AccountInfo],
instruction_data: &[u8],
) -> ProgramResult {
if instruction_data.len() != 0 {
return Err(ProgramError::InvalidInstructionData);
}
log_message(accounts)
}

pub fn log_message(accounts: &[AccountInfo]) -> ProgramResult {
let authority = next_account_info(&mut accounts.iter())?;
if !authority.is_signer {
return Err(ProgramError::MissingRequiredSignature);
}
msg!("GM {:?}", authority);
Ok(())
}

#[allow(dead_code)]
fn main() {}
Empty file.
2 changes: 2 additions & 0 deletions lints/missing_signer_check/ui/secure/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -21,5 +21,7 @@ pub struct LogMessage<'info> {
authority: AccountInfo<'info>,
}

// This is a false positive as the lint does not check for `is_signer` checks if the
// program is an anchor program. The lint should be updated to remove the false positive.
#[allow(dead_code)]
fn main() {}
13 changes: 13 additions & 0 deletions lints/missing_signer_check/ui/secure/src/lib.stderr
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
error: Account `authority` might need to be a signer
--> $DIR/lib.rs:21:5
|
LL | pub struct LogMessage<'info> {
| ---------- Accounts of this instruction
LL | authority: AccountInfo<'info>,
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
= note: `-D missing-signer-check` implied by `-D warnings`
= help: to override `-D warnings` add `#[allow(missing_signer_check)]`

error: aborting due to 1 previous error

0 comments on commit 7210d7e

Please sign in to comment.