FV-ANC-8-CL1 Unvalidated sysvar address

Bad

// Using sysvar without validating its address
let rent = ctx.accounts.rent;

Good

// Validate the sysvar address explicitly
if ctx.accounts.rent.key() != sysvar::rent::ID {
    return Err(ProgramError::InvalidArgument);
}
PreviousFV-ANC-8 System Account ValidationNextFV-ANC-9 Type Cosplay

Last updated

Was this helpful?