Prevent migration to a restricted code

CosmWasm · Jul 8, 2022 · ffd8a3c · ffd8a3c
1 parent 3787f3d
commit ffd8a3c
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 1 deletion.
diff --git a/x/wasm/keeper/contract_keeper.go b/x/wasm/keeper/contract_keeper.go
@@ -75,7 +75,7 @@ func (p PermissionedKeeper) UnpinCode(ctx sdk.Context, codeID uint64) error {
 	return p.nested.unpinCode(ctx, codeID)
 }
 
-// SetExtraContractAttributes updates the extra attributes that can be stored with the contract info
+// SetContractInfoExtension updates the extra attributes that can be stored with the contract info
 func (p PermissionedKeeper) SetContractInfoExtension(ctx sdk.Context, contract sdk.AccAddress, extra types.ContractInfoExtension) error {
 	return p.nested.setContractInfoExtension(ctx, contract, extra)
 }

diff --git a/x/wasm/keeper/keeper.go b/x/wasm/keeper/keeper.go
@@ -395,6 +395,10 @@ func (k Keeper) migrate(ctx sdk.Context, contractAddress sdk.AccAddress, caller
 		return nil, sdkerrors.Wrap(sdkerrors.ErrInvalidRequest, "unknown code")
 	}
 
+	if !authZ.CanInstantiateContract(newCodeInfo.InstantiateConfig, caller) {
+		return nil, sdkerrors.Wrap(sdkerrors.ErrUnauthorized, "to use new code")
+	}
+
 	// check for IBC flag
 	switch report, err := k.wasmVM.AnalyzeCode(newCodeInfo.CodeHash); {
 	case err != nil:

diff --git a/x/wasm/keeper/keeper_test.go b/x/wasm/keeper/keeper_test.go
@@ -875,6 +875,10 @@ func TestMigrate(t *testing.T) {
 	ibcCodeID := StoreIBCReflectContract(t, ctx, keepers).CodeID
 	require.NotEqual(t, originalCodeID, newCodeID)
 
+	restrictedCodeID := StoreHackatomExampleContract(t, ctx, keepers).CodeID
+	keeper.SetAccessConfig(ctx, restrictedCodeID, types.AllowNobody)
+	require.NotEqual(t, originalCodeID, restrictedCodeID)
+
 	anyAddr := RandomAccountAddress(t)
 	newVerifierAddr := RandomAccountAddress(t)
 	initMsgBz := HackatomExampleInitMsg{
@@ -952,6 +956,15 @@ func TestMigrate(t *testing.T) {
 			toCodeID:   originalCodeID,
 			expErr:     sdkerrors.ErrUnauthorized,
 		},
+		"prevent migration when new code is restricted": {
+			admin:      creator,
+			caller:     creator,
+			initMsg:    initMsgBz,
+			fromCodeID: originalCodeID,
+			toCodeID:   restrictedCodeID,
+			migrateMsg: migMsgBz,
+			expErr:     sdkerrors.ErrUnauthorized,
+		},
 		"fail with non existing code id": {
 			admin:      creator,
 			caller:     creator,