Fix test

The test was meant to ensure the signature covered the 'tokens' field, but then when the 'plan' field was rolled in, Transaction::verify() started failing because Plan::verify() failed. When Transaction::verify() was split into two, the unexpected failure was exposed but went unnoticed. This patch brings it back to its original intent, to ensure signature verification fails if the network attempts to change the client's payment.
solana-labs · Apr 12, 2018 · a2d187d · a2d187d
1 parent 911280d
commit a2d187d
Showing 1 changed file with 7 additions and 3 deletions.
diff --git a/src/transaction.rs b/src/transaction.rs
@@ -167,13 +167,17 @@ mod tests {
     }
 
     #[test]
-    fn test_bad_event_signature() {
+    fn test_token_attack() {
         let zero = Hash::default();
         let keypair = KeyPair::new();
         let pubkey = keypair.pubkey();
         let mut tr = Transaction::new(&keypair, pubkey, 42, zero);
-        tr.data.tokens = 1_000_000; // <-- attack!
-        assert!(!tr.verify_plan());
+        tr.data.tokens = 1_000_000; // <-- attack, part 1!
+        if let Plan::Pay(ref mut payment) = tr.data.plan {
+            payment.tokens = tr.data.tokens; // <-- attack, part 2!
+        };
+        assert!(tr.verify_plan());
+        assert!(!tr.verify_sig());
     }
 
     #[test]