solana/token_bridge: relax length requirement in unpacking token2022 mints

to allow for extensions

Author: kcsongor

solana/modules/token_bridge/program/src/types.rs

@@ -6,7 +6,14 @@ use serde::{
     Deserialize,
     Serialize,
 };
-use solana_program::pubkey::Pubkey;
+use solana_program::{
+    program_error::ProgramError,
+    program_pack::{
+        IsInitialized,
+        Pack,
+    },
+    pubkey::Pubkey,
+};
 use solitaire::{
     pack_type,
     processors::seeded::{
@@ -101,10 +108,43 @@ pub mod spl_token_2022 {
     }
 }
 
+trait MintExtensionPack: Pack {
+    fn unpack(input: &[u8]) -> Result<Self, ProgramError>;
+}
+
+// from: https://github.com/solana-program/token-2022/blob/9cbf7a1e9bab57aabb71b4b84fc84e3670108573/interface/src/extension/mod.rs#L262-L268
+// Since there is no account discriminator in these accounts, it's possible to confuse a multisig account for a mint account.
+// This check prevents that by ensuring the length is not equal to a multisig account length.
+// Mint accounts that happen to be 355 bytes long are out of luck (but this won't concern us, if it's even possible).
+fn check_min_len_and_not_multisig(input: &[u8], minimum_len: usize) -> Result<(), ProgramError> {
+    const MULTISIG_LEN: usize = 355; // spl_token::state::Multisig::LEN;
+    if input.len() == MULTISIG_LEN || input.len() < minimum_len {
+        Err(ProgramError::InvalidAccountData)
+    } else {
+        Ok(())
+    }
+}
+
+impl MintExtensionPack for Mint {
+    // this implementation is almost identical to the default Pack::unpack,
+    // except for the length check. Instead of requiring exact length, we require
+    // a minimum length, to allow for extensions.
+    fn unpack(input: &[u8]) -> Result<Self, ProgramError> {
+        check_min_len_and_not_multisig(input, Self::LEN)?;
+        let value: Mint = solana_program::program_pack::Pack::unpack_from_slice(input)?;
+        if value.is_initialized() {
+            Ok(value)
+        } else {
+            Err(ProgramError::UninitializedAccount)
+        }
+    }
+}
+
 pack_type!(
     SplMint,
     Mint,
-    AccountOwner::OneOf(vec![spl_token::id(), spl_token_2022::id()])
+    AccountOwner::OneOf(vec![spl_token::id(), spl_token_2022::id()]),
+    MintExtensionPack
 );
 pack_type!(
     SplAccount,

solana/solitaire/program/src/macros.rs

@@ -111,14 +111,26 @@ macro_rules! solitaire {
 
 #[macro_export]
 macro_rules! pack_type_impl {
-    ($name:ident, $embed:ty, $owner:expr) => {
+    // We take a "unpacker" as an input, which specifies how to unpack the embedded type.
+    // In most cases, this should be just be
+    // `solana_program::program_pack::Pack`, but in some cases (like token-2022
+    // mints) it may be a custom trait that provides an `unpack` method. This is
+    // because `Pack` does a strict length check on the account, whereas
+    // token-2022 mints with extensions might be longer.
+    //
+    // NOTE: we only use this on the deserialisation side, but we keep the call for serialisation
+    // as solana_program::program_pack::Pack::pack_into_slice. We could generalise that side too, but in
+    // reality, that code is never invoked, because solitaire will persist (and
+    // thus serialise) accounts that are owned by the current program.
+    // `pack_type!` on the other hands is only used for solitaire-ising external accounts.
+    ($name:ident, $embed:ty, $owner:expr, $unpacker:path) => {
         #[repr(transparent)]
         pub struct $name(pub $embed);
 
         impl BorshDeserialize for $name {
             fn deserialize(buf: &mut &[u8]) -> std::io::Result<Self> {
                 let acc = $name(
-                    solana_program::program_pack::Pack::unpack(buf)
+                    <$embed as $unpacker>::unpack(buf)
                         .map_err(|e| std::io::Error::new(std::io::ErrorKind::Other, e))?,
                 );
                 // We need to clear the buf to show to Borsh that we've read all data
@@ -162,15 +174,21 @@ macro_rules! pack_type_impl {
 #[macro_export]
 macro_rules! pack_type {
     ($name:ident, $embed:ty, AccountOwner::OneOf($owner:expr)) => {
-        solitaire::pack_type_impl!($name, $embed, AccountOwner::OneOf($owner));
+        solitaire::pack_type_impl!($name, $embed, AccountOwner::OneOf($owner), solana_program::program_pack::Pack);
 
         impl solitaire::processors::seeded::MultiOwned for $name {
         }
     };
     ($name:ident, $embed:ty, $owner:expr) => {
-        solitaire::pack_type_impl!($name, $embed, $owner);
+        solitaire::pack_type_impl!($name, $embed, $owner, solana_program::program_pack::Pack);
 
         impl solitaire::processors::seeded::SingleOwned for $name {
         }
     };
+    ($name:ident, $embed:ty, AccountOwner::OneOf($owner:expr), $unpacker:ident) => {
+        solitaire::pack_type_impl!($name, $embed, AccountOwner::OneOf($owner), $unpacker);
+
+        impl solitaire::processors::seeded::MultiOwned for $name {
+        }
+    };
 }