compiler: extend permission check to runtime hashes

If a method is known at compile time we can still check if it is present in the list of methods of at least one contract. Signed-off-by: Evgeniy Stratonikov <evgeniy@nspcc.ru>
2021-06-25 10:54:00 +03:00 · 2021-06-25 10:54:00 +03:00 · aa76383fa7
commit aa76383fa7
parent 4249674ddc
4 changed files with 39 additions and 32 deletions
--- a/pkg/compiler/compiler.go
+++ b/pkg/compiler/compiler.go
@ -16,6 +16,7 @@ import (
 	"github.com/nspcc-dev/neo-go/pkg/smartcontract/manifest"
 	"github.com/nspcc-dev/neo-go/pkg/smartcontract/manifest/standard"
 	"github.com/nspcc-dev/neo-go/pkg/smartcontract/nef"
+	"github.com/nspcc-dev/neo-go/pkg/util"
 	"golang.org/x/tools/go/loader"
 )

@ -304,11 +305,13 @@ func CreateManifest(di *DebugInfo, o *Options) (*manifest.Manifest, error) {
 		// Thus only basic checks are performed.

 		for h, methods := range di.InvokedContracts {
+			knownHash := !h.Equals(util.Uint160{})
+
 		methodLoop:
 			for _, m := range methods {
 				for _, p := range o.Permissions {
 					// Group or wildcard permission is ok to try.
-					if p.Contract.Type == manifest.PermissionHash && !p.Contract.Hash().Equals(h) {
+					if knownHash && p.Contract.Type == manifest.PermissionHash && !p.Contract.Hash().Equals(h) {
 						continue
 					}

@ -317,8 +320,12 @@ func CreateManifest(di *DebugInfo, o *Options) (*manifest.Manifest, error) {
 					}
 				}

-				return nil, fmt.Errorf("method '%s' of contract %s is invoked but"+
-					" corresponding permission is missing", m, h.StringLE())
+				if knownHash {
+					return nil, fmt.Errorf("method '%s' of contract %s is invoked but"+
+						" corresponding permission is missing", m, h.StringLE())
+				}
+				return nil, fmt.Errorf("method '%s' is invoked but"+
+					" corresponding permission is missing", m)
 			}
 		}
 	}