token-js: sanity check header space in tlv data (#3936)

2501babe · web-flow · commit 56b1a95230d9 · 2023-01-05T17:00:53.000-08:00
diff --git a/token/js/src/extensions/extensionType.ts b/token/js/src/extensions/extensionType.ts
@@ -67,6 +67,50 @@ export function getTypeLen(e: ExtensionType): number {
     }
 }
 
+export function isMintExtension(e: ExtensionType): boolean {
+    switch (e) {
+        case ExtensionType.TransferFeeConfig:
+        case ExtensionType.MintCloseAuthority:
+        case ExtensionType.ConfidentialTransferMint:
+        case ExtensionType.DefaultAccountState:
+        case ExtensionType.NonTransferable:
+        case ExtensionType.InterestBearingConfig:
+        case ExtensionType.PermanentDelegate:
+            return true;
+        case ExtensionType.Uninitialized:
+        case ExtensionType.TransferFeeAmount:
+        case ExtensionType.ConfidentialTransferAccount:
+        case ExtensionType.ImmutableOwner:
+        case ExtensionType.MemoTransfer:
+        case ExtensionType.CpiGuard:
+            return false;
+        default:
+            throw Error(`Unknown extension type: ${e}`);
+    }
+}
+
+export function isAccountExtension(e: ExtensionType): boolean {
+    switch (e) {
+        case ExtensionType.TransferFeeAmount:
+        case ExtensionType.ConfidentialTransferAccount:
+        case ExtensionType.ImmutableOwner:
+        case ExtensionType.MemoTransfer:
+        case ExtensionType.CpiGuard:
+            return true;
+        case ExtensionType.Uninitialized:
+        case ExtensionType.TransferFeeConfig:
+        case ExtensionType.MintCloseAuthority:
+        case ExtensionType.ConfidentialTransferMint:
+        case ExtensionType.DefaultAccountState:
+        case ExtensionType.NonTransferable:
+        case ExtensionType.InterestBearingConfig:
+        case ExtensionType.PermanentDelegate:
+            return false;
+        default:
+            throw Error(`Unknown extension type: ${e}`);
+    }
+}
+
 export function getAccountTypeOfMintType(e: ExtensionType): ExtensionType {
     switch (e) {
         case ExtensionType.TransferFeeConfig:
@@ -117,7 +161,7 @@ export function getAccountLen(extensionTypes: ExtensionType[]): number {
 
 export function getExtensionData(extension: ExtensionType, tlvData: Buffer): Buffer | null {
     let extensionTypeIndex = 0;
-    while (extensionTypeIndex < tlvData.length) {
+    while (extensionTypeIndex + TYPE_SIZE + LENGTH_SIZE <= tlvData.length) {
         const entryType = tlvData.readUInt16LE(extensionTypeIndex);
         const entryLength = tlvData.readUInt16LE(extensionTypeIndex + TYPE_SIZE);
         const typeIndex = extensionTypeIndex + TYPE_SIZE + LENGTH_SIZE;
diff --git a/token/js/test/e2e-2022/cpiGuard.test.ts b/token/js/test/e2e-2022/cpiGuard.test.ts
@@ -69,14 +69,17 @@ describe('cpiGuard', () => {
 
     it('enable/disable via instruction', async () => {
         let accountInfo = await getAccount(connection, account, undefined, TEST_PROGRAM_ID);
+        let cpiGuard = getCpiGuard(accountInfo);
+
+        expect(cpiGuard).to.be.null;
 
         let transaction = new Transaction().add(
             createEnableCpiGuardInstruction(account, owner.publicKey, [], TEST_PROGRAM_ID)
         );
         await sendAndConfirmTransaction(connection, transaction, [payer, owner], undefined);
 
         accountInfo = await getAccount(connection, account, undefined, TEST_PROGRAM_ID);
-        let cpiGuard = getCpiGuard(accountInfo);
+        cpiGuard = getCpiGuard(accountInfo);
 
         expect(cpiGuard).to.not.be.null;
         if (cpiGuard !== null) {
@@ -99,11 +102,14 @@ describe('cpiGuard', () => {
 
     it('enable/disable via command', async () => {
         let accountInfo = await getAccount(connection, account, undefined, TEST_PROGRAM_ID);
+        let cpiGuard = getCpiGuard(accountInfo);
+
+        expect(cpiGuard).to.be.null;
 
         await enableCpiGuard(connection, payer, account, owner, [], undefined, TEST_PROGRAM_ID);
 
         accountInfo = await getAccount(connection, account, undefined, TEST_PROGRAM_ID);
-        let cpiGuard = getCpiGuard(accountInfo);
+        cpiGuard = getCpiGuard(accountInfo);
 
         expect(cpiGuard).to.not.be.null;
         if (cpiGuard !== null) {
diff --git a/token/js/test/e2e-2022/tlv.test.ts b/token/js/test/e2e-2022/tlv.test.ts
@@ -0,0 +1,96 @@
+import chai, { expect } from 'chai';
+import chaiAsPromised from 'chai-as-promised';
+chai.use(chaiAsPromised);
+
+import type { Connection, PublicKey, Signer } from '@solana/web3.js';
+import { sendAndConfirmTransaction, Keypair, SystemProgram, Transaction } from '@solana/web3.js';
+
+import type { Account, Mint } from '../../src';
+import {
+    createInitializeAccountInstruction,
+    getAccount,
+    getAccountLen,
+    createMint,
+    ExtensionType,
+    getExtensionData,
+    isAccountExtension,
+} from '../../src';
+import { TEST_PROGRAM_ID, newAccountWithLamports, getConnection } from '../common';
+
+const TEST_TOKEN_DECIMALS = 9;
+const ACCOUNT_EXTENSIONS = Object.values(ExtensionType)
+    .filter(Number.isInteger)
+    .filter((e: any): e is ExtensionType => isAccountExtension(e));
+
+describe('tlv test', () => {
+    let connection: Connection;
+    let payer: Signer;
+    let owner: Keypair;
+
+    before(async () => {
+        connection = await getConnection();
+        payer = await newAccountWithLamports(connection, 1000000000);
+        owner = Keypair.generate();
+    });
+
+    // test that the parser gracefully handles accounts with arbitrary extra bytes
+    it('parse account with extra bytes', async () => {
+        const initTestAccount = async (extraBytes: number) => {
+            const mintKeypair = Keypair.generate();
+            const accountKeypair = Keypair.generate();
+            const account = accountKeypair.publicKey;
+            const accountLen = getAccountLen([]) + extraBytes;
+            const lamports = await connection.getMinimumBalanceForRentExemption(accountLen);
+
+            const mint = await createMint(
+                connection,
+                payer,
+                mintKeypair.publicKey,
+                mintKeypair.publicKey,
+                TEST_TOKEN_DECIMALS,
+                mintKeypair,
+                undefined,
+                TEST_PROGRAM_ID
+            );
+
+            const transaction = new Transaction().add(
+                SystemProgram.createAccount({
+                    fromPubkey: payer.publicKey,
+                    newAccountPubkey: account,
+                    space: accountLen,
+                    lamports,
+                    programId: TEST_PROGRAM_ID,
+                }),
+                createInitializeAccountInstruction(account, mint, owner.publicKey, TEST_PROGRAM_ID)
+            );
+
+            await sendAndConfirmTransaction(connection, transaction, [payer, accountKeypair], undefined);
+
+            return account;
+        };
+
+        const promises: Promise<[number, Account] | undefined>[] = [];
+        for (let i = 0; i < 16; i++) {
+            // trying to alloc exactly one extra byte causes an unpack failure in the program when initializing
+            if (i == 1) continue;
+
+            promises.push(
+                initTestAccount(i)
+                    .then((account: PublicKey) => getAccount(connection, account, undefined, TEST_PROGRAM_ID))
+                    .then((accountInfo: Account) => {
+                        for (const extension of ACCOUNT_EXTENSIONS) {
+                            // realistically this will never fail with a non-null value, it will just throw
+                            expect(
+                                getExtensionData(extension, accountInfo.tlvData),
+                                `account parse test failed: found ${ExtensionType[extension]}, but should not have. \
+                                test case: no extensions, ${i} extra bytes`
+                            ).to.be.null;
+                        }
+                        return Promise.resolve(undefined);
+                    })
+            );
+        }
+
+        await Promise.all(promises);
+    });
+});
diff --git a/token/js/test/unit/index.test.ts b/token/js/test/unit/index.test.ts
@@ -16,6 +16,8 @@ import {
     TokenOwnerOffCurveError,
     getAccountLen,
     ExtensionType,
+    isMintExtension,
+    isAccountExtension,
     getAssociatedTokenAddressSync,
     createInitializeAccount2Instruction,
     createInitializeAccount3Instruction,
@@ -238,4 +240,13 @@ describe('extensionType', () => {
         expect(getAccountLen([ExtensionType.ImmutableOwner])).to.eql(170);
         expect(getAccountLen([ExtensionType.PermanentDelegate])).to.eql(202);
     });
+
+    it('exclusive and exhaustive predicates', () => {
+        const exts = Object.values(ExtensionType).filter(Number.isInteger);
+        const mintExts = exts.filter((e: any): e is ExtensionType => isMintExtension(e));
+        const accountExts = exts.filter((e: any): e is ExtensionType => isAccountExtension(e));
+        const collectedExts = [ExtensionType.Uninitialized].concat(mintExts, accountExts);
+
+        expect(collectedExts.sort()).to.eql(exts.sort());
+    });
 });
