Cross-Program Reinit Remediation
How to fix cross-program re-initialization attack vulnerabilities.
Overview
Related Detector: Cross-Program Reinit
Cross-program re-initialization allows attackers to replace account data. The fix is to re-validate account discriminators, version fields, and ownership after any cross-program invocation (CPI) that could modify the account.
Recommended Fix
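invoke(&external_ix, accounts)?;
// Re-read the account: the CPI may have changed its data.
account.reload()?;
// Re-validate the discriminator and ownership before using the data.
require!(account.discriminator == EXPECTED, Reinitialized);
require!(account.owner == program_id, InvalidOwner);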
Common Mistakes
Mistake: Trusting Cached Data After CPI
let cached = account.data.clone();
invoke(&ix, accounts)?;
use_data(&cached)?; // WRONG: account may have been re-initialized
Always re-read from the account after CPI.
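The recommended fix and the cached-data mistake above, modelled in plain Rust as an added example that is not code from the original page. It uses no Solana or Anchor crates; the account layout, the `vault_v1` discriminator, the program id and all function names are assumptions made for illustration, and the version check follows the overview text.

```rust
// Added example: std-only model; no Solana/Anchor crates. All names are hypothetical.
// Constructed account layout: discriminator (8) | version (1) | balance (8, LE).
const EXPECTED_DISC: [u8; 8] = *b"vault_v1"; // constructed value
const EXPECTED_VERSION: u8 = 1;

#[derive(Debug, PartialEq)]
enum CheckError { InvalidOwner, TooShort, Reinitialized, VersionMismatch }

#[derive(Clone)]
struct Account { owner: [u8; 32], data: Vec<u8> }

/// Validate owner, discriminator and version, then decode the current bytes.
fn revalidate(acc: &Account, program_id: &[u8; 32]) -> Result<u64, CheckError> {
    if &acc.owner != program_id { return Err(CheckError::InvalidOwner); }
    if acc.data.len() < 17 { return Err(CheckError::TooShort); }
    if acc.data[..8] != EXPECTED_DISC { return Err(CheckError::Reinitialized); }
    if acc.data[8] != EXPECTED_VERSION { return Err(CheckError::VersionMismatch); }
    let mut bal = [0u8; 8];
    bal.copy_from_slice(&acc.data[9..17]);
    Ok(u64::from_le_bytes(bal))
}

/// Stand-in for `invoke` + reload: run the callee, then re-validate before use.
fn call_then_use(acc: &mut Account, program_id: &[u8; 32],
                 cpi: impl FnOnce(&mut Account)) -> Result<u64, CheckError> {
    cpi(acc);
    revalidate(acc, program_id)
}

/// Build a valid sample account owned by the constructed program id [7; 32].
fn sample(balance: u64) -> Account {
    let mut data = EXPECTED_DISC.to_vec();
    data.push(EXPECTED_VERSION);
    data.extend_from_slice(&balance.to_le_bytes());
    Account { owner: [7u8; 32], data }
}

fn main() {
    let pid = [7u8; 32];
    let mut ok = sample(100);
    println!("benign update: {:?}", call_then_use(&mut ok, &pid, |a| a.data[9] = 50));
    let mut hit = sample(100);
    let cached = hit.clone(); // the "cached data" mistake: a pre-CPI snapshot
    let res = call_then_use(&mut hit, &pid, |a| a.data[..8].copy_from_slice(b"other_v1"));
    println!("cached copy still validates: {:?}", revalidate(&cached, &pid));
    println!("live account after CPI:      {:?}", res);
}
```

The pre-CPI snapshot passes every check because it no longer reflects the account, which is why the checks must run on data read after the call.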