From cb394100de9d1fa39068455b4529a6821adac49f Mon Sep 17 00:00:00 2001
From: samkim-crypto <skim13@cs.stanford.edu>
Date: Thu, 5 Dec 2024 17:28:26 +0900
Subject: [PATCH] check for excessive secp256r1 signature verification in the
 banking state

---
 Cargo.lock                              | 1 +
 core/Cargo.toml                         | 1 +
 core/src/banking_stage/packet_filter.rs | 6 +++++-
 programs/sbf/Cargo.lock                 | 1 +
 svm/examples/Cargo.lock                 | 1 +
 5 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/Cargo.lock b/Cargo.lock
index 69ae47c2ad2abf..15e06991cfa05f 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -6729,6 +6729,7 @@ dependencies = [
  "solana-runtime-transaction",
  "solana-sanitize",
  "solana-sdk",
+ "solana-sdk-ids",
  "solana-send-transaction-service",
  "solana-short-vec",
  "solana-stake-program",
diff --git a/core/Cargo.toml b/core/Cargo.toml
index df42ec84657648..8f400b02c108ea 100644
--- a/core/Cargo.toml
+++ b/core/Cargo.toml
@@ -77,6 +77,7 @@ solana-runtime = { workspace = true }
 solana-runtime-transaction = { workspace = true }
 solana-sanitize = { workspace = true }
 solana-sdk = { workspace = true }
+solana-sdk-ids = { workspace = true }
 solana-send-transaction-service = { workspace = true }
 solana-short-vec = { workspace = true }
 solana-streamer = { workspace = true }
diff --git a/core/src/banking_stage/packet_filter.rs b/core/src/banking_stage/packet_filter.rs
index 057f0f90c45df9..b9176c9b8ac91d 100644
--- a/core/src/banking_stage/packet_filter.rs
+++ b/core/src/banking_stage/packet_filter.rs
@@ -5,6 +5,7 @@ use {
     solana_sdk::{
         ed25519_program, feature_set::FeatureSet, saturating_add_assign, secp256k1_program,
     },
+    solana_sdk_ids::secp256r1_program,
     thiserror::Error,
 };
 
@@ -48,7 +49,10 @@ impl ImmutableDeserializedPacket {
     pub fn check_excessive_precompiles(&self) -> Result<(), PacketFilterFailure> {
         let mut num_precompile_signatures: u64 = 0;
         for (program_id, ix) in self.transaction().get_message().program_instructions_iter() {
-            if secp256k1_program::check_id(program_id) || ed25519_program::check_id(program_id) {
+            if secp256k1_program::check_id(program_id)
+                || ed25519_program::check_id(program_id)
+                || secp256r1_program::check_id(program_id)
+            {
                 let num_signatures = ix.data.first().map_or(0, |byte| u64::from(*byte));
                 saturating_add_assign!(num_precompile_signatures, num_signatures);
             }
diff --git a/programs/sbf/Cargo.lock b/programs/sbf/Cargo.lock
index 4aabc16f3c955e..9bedd51dbe6ffa 100644
--- a/programs/sbf/Cargo.lock
+++ b/programs/sbf/Cargo.lock
@@ -5422,6 +5422,7 @@ dependencies = [
  "solana-runtime-transaction",
  "solana-sanitize",
  "solana-sdk",
+ "solana-sdk-ids",
  "solana-send-transaction-service",
  "solana-short-vec",
  "solana-streamer",
diff --git a/svm/examples/Cargo.lock b/svm/examples/Cargo.lock
index 7bd58e61e953d3..6cc991631d62f6 100644
--- a/svm/examples/Cargo.lock
+++ b/svm/examples/Cargo.lock
@@ -5273,6 +5273,7 @@ dependencies = [
  "solana-runtime-transaction",
  "solana-sanitize",
  "solana-sdk",
+ "solana-sdk-ids",
  "solana-send-transaction-service",
  "solana-short-vec",
  "solana-streamer",