Merge pull request #3824 from sisuresh/access-bug

Error if footprint has expired entry

Reviewed-by: dmkozh

src/rust/Cargo.toml

@@ -27,7 +27,7 @@ rustc-simple-version = "0.1.0"
 version = "0.0.17"
 git = "https://github.com/stellar/rs-soroban-env"
 package = "soroban-env-host"
-rev = "2dcd6a6c2bf835f6ebfede445a73304ad9c713c9"
+rev = "e7900207ad7054d8370d2a1eafbaef5c90160e40"
 
 # This copy of the soroban host is _optional_ and only enabled during protocol
 # transitions. When transitioning from protocol N to N+1, the `curr` copy
@@ -51,11 +51,11 @@ optional = true
 version = "0.0.17"
 git = "https://github.com/stellar/rs-soroban-env"
 package = "soroban-env-host"
-rev = "dace9621c53f3386739bb4c300721f9d47996a23"
+rev = "2dcd6a6c2bf835f6ebfede445a73304ad9c713c9"
 
 [dependencies.soroban-test-wasms]
 git = "https://github.com/stellar/rs-soroban-env"
-rev = "2dcd6a6c2bf835f6ebfede445a73304ad9c713c9"
+rev = "e7900207ad7054d8370d2a1eafbaef5c90160e40"
 
 [dependencies.cargo-lock]
 git = "https://github.com/rustsec/rustsec"

src/rust/src/host-dep-tree-curr.txt

@@ -1,4 +1,4 @@
-soroban-env-host 0.0.17 git+https://github.com/stellar/rs-soroban-env?rev=2dcd6a6c2bf835f6ebfede445a73304ad9c713c9#2dcd6a6c2bf835f6ebfede445a73304ad9c713c9
+soroban-env-host 0.0.17 git+https://github.com/stellar/rs-soroban-env?rev=e7900207ad7054d8370d2a1eafbaef5c90160e40#e7900207ad7054d8370d2a1eafbaef5c90160e40
 ├── stellar-strkey 0.0.7 git+https://github.com/stellar/rs-stellar-strkey?rev=e6ba45c60c16de28c7522586b80ed0150157df73#e6ba45c60c16de28c7522586b80ed0150157df73
 │   ├── thiserror 1.0.40 checksum:978c9a314bd8dc99be594bc3c175faaa9794be04a5a5e153caba6915336cebac
 │   │   └── thiserror-impl 1.0.40 checksum:f9456a42c5b0d803c8cd86e73dd7cc9edd429499f37a3550d286d5e86720569f
@@ -25,14 +25,14 @@ soroban-env-host 0.0.17 git+https://github.com/stellar/rs-soroban-env?rev=2dcd6a
 │   ├── spin 0.9.8 checksum:6980e8d7511241f8acf4aebddbb1ff938df5eebe98691418c4468d0b72a96a67
 │   ├── smallvec 1.10.0 checksum:a507befe795404456341dfab10cef66ead4c041f62b8b11bbb92bffe5d0953e0
 │   └── intx 0.1.0 checksum:f6f38a50a899dc47a6d0ed5508e7f601a2e34c3a85303514b5d137f3c10a0c75
-├── soroban-native-sdk-macros 0.0.17 git+https://github.com/stellar/rs-soroban-env?rev=2dcd6a6c2bf835f6ebfede445a73304ad9c713c9#2dcd6a6c2bf835f6ebfede445a73304ad9c713c9
+├── soroban-native-sdk-macros 0.0.17 git+https://github.com/stellar/rs-soroban-env?rev=e7900207ad7054d8370d2a1eafbaef5c90160e40#e7900207ad7054d8370d2a1eafbaef5c90160e40
 │   ├── syn 2.0.18 checksum:32d41677bcbe24c20c52e7c70b0d8db04134c5d1066bf98662e2871ad200ea3e
 │   ├── quote 1.0.28 checksum:1b9ab9c7eadfd8df19006f1cf1a4aed13540ed5cbc047010ece5826e10825488
 │   ├── proc-macro2 1.0.60 checksum:dec2b086b7a862cf4de201096214fa870344cf922b2b30c167badb3af3195406
 │   └── itertools 0.10.5 checksum:b0fd2260e829bddf4cb6ea802289de2f86d6a7a690192fbe91b3f46e0f2c8473
 │       └── either 1.8.1 checksum:7fcaabb2fef8c910e7f4c7ce9f67a1283a1715879a7c230ca9d6d1ae31f16d91
-├── soroban-env-common 0.0.17 git+https://github.com/stellar/rs-soroban-env?rev=2dcd6a6c2bf835f6ebfede445a73304ad9c713c9#2dcd6a6c2bf835f6ebfede445a73304ad9c713c9
-│   ├── stellar-xdr 0.0.17 git+https://github.com/stellar/rs-stellar-xdr?rev=0f16673441898162c9996da6117be2280ef8fd84#0f16673441898162c9996da6117be2280ef8fd84
+├── soroban-env-common 0.0.17 git+https://github.com/stellar/rs-soroban-env?rev=e7900207ad7054d8370d2a1eafbaef5c90160e40#e7900207ad7054d8370d2a1eafbaef5c90160e40
+│   ├── stellar-xdr 0.0.17 git+https://github.com/stellar/rs-stellar-xdr?rev=63ee74d7f0961fa5bcf301a59b5abc6a37fc81a5#63ee74d7f0961fa5bcf301a59b5abc6a37fc81a5
 │   │   ├── hex 0.4.3 checksum:7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70
 │   │   ├── crate-git-revision 0.0.6 checksum:c521bf1f43d31ed2f73441775ed31935d77901cb3451e44b38a1c1612fcbaf98
 │   │   │   ├── serde_json 1.0.97 checksum:bdf3bf93142acad5821c99197022e170842cdbc1c30482b98750c688c640842a
@@ -48,10 +48,10 @@ soroban-env-host 0.0.17 git+https://github.com/stellar/rs-soroban-env?rev=2dcd6a
 │   │   └── base64 0.13.1 checksum:9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8
 │   ├── static_assertions 1.1.0 checksum:a2eb9349b6444b326872e140eb1cf5e7c522154d69e7a0ffb0fb81c06b37543f
 │   ├── soroban-wasmi 0.30.0-soroban git+https://github.com/stellar/wasmi?rev=3dc639fde3bebf0bf364a9fa4ac2f0efb7ee9995#3dc639fde3bebf0bf364a9fa4ac2f0efb7ee9995
-│   ├── soroban-env-macros 0.0.17 git+https://github.com/stellar/rs-soroban-env?rev=2dcd6a6c2bf835f6ebfede445a73304ad9c713c9#2dcd6a6c2bf835f6ebfede445a73304ad9c713c9
+│   ├── soroban-env-macros 0.0.17 git+https://github.com/stellar/rs-soroban-env?rev=e7900207ad7054d8370d2a1eafbaef5c90160e40#e7900207ad7054d8370d2a1eafbaef5c90160e40
 │   │   ├── thiserror 1.0.40 checksum:978c9a314bd8dc99be594bc3c175faaa9794be04a5a5e153caba6915336cebac
 │   │   ├── syn 2.0.18 checksum:32d41677bcbe24c20c52e7c70b0d8db04134c5d1066bf98662e2871ad200ea3e
-│   │   ├── stellar-xdr 0.0.17 git+https://github.com/stellar/rs-stellar-xdr?rev=0f16673441898162c9996da6117be2280ef8fd84#0f16673441898162c9996da6117be2280ef8fd84
+│   │   ├── stellar-xdr 0.0.17 git+https://github.com/stellar/rs-stellar-xdr?rev=63ee74d7f0961fa5bcf301a59b5abc6a37fc81a5#63ee74d7f0961fa5bcf301a59b5abc6a37fc81a5
 │   │   ├── serde_json 1.0.97 checksum:bdf3bf93142acad5821c99197022e170842cdbc1c30482b98750c688c640842a
 │   │   ├── serde 1.0.164 checksum:9e8c8cf938e98f769bc164923b06dce91cea1751522f46f8466461af04c9027d
 │   │   ├── quote 1.0.28 checksum:1b9ab9c7eadfd8df19006f1cf1a4aed13540ed5cbc047010ece5826e10825488

src/transactions/InvokeHostFunctionOpFrame.cpp

@@ -298,9 +298,9 @@ InvokeHostFunctionOpFrame::doApply(Application& app, AbstractLedgerTxn& ltx,
 
     ledgerEntryCxxBufs.reserve(footprintLength);
 
-    auto addReads =
-        [&ledgerEntryCxxBufs, &ltx, &metrics, &sorobanConfig, &entryRentChanges,
-         autobumpLedgerCount](auto const& keys, bool readOnly) -> bool {
+    auto addReads = [&ledgerEntryCxxBufs, &ltx, &metrics, &entryRentChanges,
+                     &resources, autobumpLedgerCount,
+                     this](auto const& keys, bool readOnly) -> bool {
         for (auto const& lk : keys)
         {
             size_t keySize = xdr::xdr_size(lk);
@@ -337,14 +337,28 @@ InvokeHostFunctionOpFrame::doApply(Application& app, AbstractLedgerTxn& ltx,
                     }
                 }
             }
+            else if (!isTemporaryEntry(lk) &&
+                     ltx.loadWithoutRecord(lk, /*loadExpiredEntry=*/true))
+            {
+                // Cannot access an expired entry
+                this->innerResult().code(INVOKE_HOST_FUNCTION_ENTRY_EXPIRED);
+                return false;
+            }
             metrics.noteReadEntry(isCodeKey(lk), keySize, entrySize);
+
+            if (resources.readBytes < metrics.mLedgerReadByte)
+            {
+                this->innerResult().code(
+                    INVOKE_HOST_FUNCTION_RESOURCE_LIMIT_EXCEEDED);
+                return false;
+            }
         }
         return true;
     };
 
     if (!addReads(footprint.readWrite, false))
     {
-        innerResult().code(INVOKE_HOST_FUNCTION_RESOURCE_LIMIT_EXCEEDED);
+        // Error code set in addReads
         return false;
     }
     // Metadata includes the ledger entry changes which we
@@ -359,13 +373,7 @@ InvokeHostFunctionOpFrame::doApply(Application& app, AbstractLedgerTxn& ltx,
 
     if (!addReads(footprint.readOnly, true))
     {
-        innerResult().code(INVOKE_HOST_FUNCTION_RESOURCE_LIMIT_EXCEEDED);
-        return false;
-    }
-
-    if (resources.readBytes < metrics.mLedgerReadByte)
-    {
-        innerResult().code(INVOKE_HOST_FUNCTION_RESOURCE_LIMIT_EXCEEDED);
+        // Error code set in addReads
         return false;
     }