From 1559d5ea16732dd77bbe49fbac304a7df346417a Mon Sep 17 00:00:00 2001
From: Todd Nowacki <tmn@mystenlabs.com>
Date: Thu, 1 Dec 2022 16:55:54 -0800
Subject: [PATCH] [bug fix] Fix missing return in id_leak_verifier (#6526)

- Fixed missing return
- Added another test
---
 .../id_leak/direct_leak_through_call.exp      |  4 +--
 .../id_leak/indirect_leak_through_call.exp    | 10 +++++--
 .../id_leak/indirect_leak_through_call.mvir   | 23 +++++++++++++++
 .../tests/id_leak/transmute.exp               |  5 ++++
 .../tests/id_leak/transmute.mvir              | 28 +++++++++++++++++++
 crates/sui-verifier/src/id_leak_verifier.rs   |  3 +-
 6 files changed, 67 insertions(+), 6 deletions(-)
 create mode 100644 crates/sui-verifier-transactional-tests/tests/id_leak/transmute.exp
 create mode 100644 crates/sui-verifier-transactional-tests/tests/id_leak/transmute.mvir

diff --git a/crates/sui-verifier-transactional-tests/tests/id_leak/direct_leak_through_call.exp b/crates/sui-verifier-transactional-tests/tests/id_leak/direct_leak_through_call.exp
index 2d7676152eec8..45174ab80046c 100644
--- a/crates/sui-verifier-transactional-tests/tests/id_leak/direct_leak_through_call.exp
+++ b/crates/sui-verifier-transactional-tests/tests/id_leak/direct_leak_through_call.exp
@@ -1,5 +1,5 @@
 processed 1 task
 
 task 0 'publish'. lines 4-25:
-created: object(103)
-written: object(102)
+Error: Transaction Effects Status: Move Bytecode Verification Error. Please run the Bytecode Verifier for more information.
+Execution Error: ExecutionError: ExecutionError { inner: ExecutionErrorInner { kind: VMVerificationOrDeserializationError, source: Some(VMError { major_status: UNKNOWN_VERIFICATION_ERROR, sub_status: None, message: Some("Sui Move Bytecode Verification Error: ID leaked through function call."), exec_state: None, location: Module(ModuleId { address: _, name: Identifier("m") }), indices: [], offsets: [] }) } }
diff --git a/crates/sui-verifier-transactional-tests/tests/id_leak/indirect_leak_through_call.exp b/crates/sui-verifier-transactional-tests/tests/id_leak/indirect_leak_through_call.exp
index 2d7676152eec8..9450fa899b169 100644
--- a/crates/sui-verifier-transactional-tests/tests/id_leak/indirect_leak_through_call.exp
+++ b/crates/sui-verifier-transactional-tests/tests/id_leak/indirect_leak_through_call.exp
@@ -1,5 +1,9 @@
-processed 1 task
+processed 2 tasks
 
 task 0 'publish'. lines 4-25:
-created: object(103)
-written: object(102)
+Error: Transaction Effects Status: Move Bytecode Verification Error. Please run the Bytecode Verifier for more information.
+Execution Error: ExecutionError: ExecutionError { inner: ExecutionErrorInner { kind: VMVerificationOrDeserializationError, source: Some(VMError { major_status: UNKNOWN_VERIFICATION_ERROR, sub_status: None, message: Some("Sui Move Bytecode Verification Error: ID leaked through function call."), exec_state: None, location: Module(ModuleId { address: _, name: Identifier("m") }), indices: [], offsets: [] }) } }
+
+task 1 'publish'. lines 27-48:
+Error: Transaction Effects Status: Move Bytecode Verification Error. Please run the Bytecode Verifier for more information.
+Execution Error: ExecutionError: ExecutionError { inner: ExecutionErrorInner { kind: VMVerificationOrDeserializationError, source: Some(VMError { major_status: UNKNOWN_VERIFICATION_ERROR, sub_status: None, message: Some("Sui Move Bytecode Verification Error: ID leaked through function call."), exec_state: None, location: Module(ModuleId { address: _, name: Identifier("m") }), indices: [], offsets: [] }) } }
diff --git a/crates/sui-verifier-transactional-tests/tests/id_leak/indirect_leak_through_call.mvir b/crates/sui-verifier-transactional-tests/tests/id_leak/indirect_leak_through_call.mvir
index 418b462a0da8a..c44e6ea4dca9f 100644
--- a/crates/sui-verifier-transactional-tests/tests/id_leak/indirect_leak_through_call.mvir
+++ b/crates/sui-verifier-transactional-tests/tests/id_leak/indirect_leak_through_call.mvir
@@ -23,3 +23,26 @@ module 0x0.m {
     }
 
 }
+
+//# publish
+module 0x0.m {
+    import 0x2.object;
+
+    struct Foo has key {
+        id: object.UID,
+    }
+
+    transfer(id: object.UID) {
+        label l0:
+        abort 0;
+    }
+
+    foo(f: Self.Foo, v: &mut vector<object.UID>) {
+        let id: object.UID;
+        label l0:
+        Foo { id } = move(f);
+        Self.transfer(move(id));
+        return;
+    }
+
+}
diff --git a/crates/sui-verifier-transactional-tests/tests/id_leak/transmute.exp b/crates/sui-verifier-transactional-tests/tests/id_leak/transmute.exp
new file mode 100644
index 0000000000000..808324dfa53fb
--- /dev/null
+++ b/crates/sui-verifier-transactional-tests/tests/id_leak/transmute.exp
@@ -0,0 +1,5 @@
+processed 1 task
+
+task 0 'publish'. lines 4-28:
+Error: Transaction Effects Status: Move Bytecode Verification Error. Please run the Bytecode Verifier for more information.
+Execution Error: ExecutionError: ExecutionError { inner: ExecutionErrorInner { kind: VMVerificationOrDeserializationError, source: Some(VMError { major_status: UNKNOWN_VERIFICATION_ERROR, sub_status: None, message: Some("Sui Move Bytecode Verification Error: ID leaked through function call."), exec_state: None, location: Module(ModuleId { address: _, name: Identifier("m") }), indices: [], offsets: [] }) } }
diff --git a/crates/sui-verifier-transactional-tests/tests/id_leak/transmute.mvir b/crates/sui-verifier-transactional-tests/tests/id_leak/transmute.mvir
new file mode 100644
index 0000000000000..d28b8f118dc54
--- /dev/null
+++ b/crates/sui-verifier-transactional-tests/tests/id_leak/transmute.mvir
@@ -0,0 +1,28 @@
+// Copyright (c) Mysten Labs, Inc.
+// SPDX-License-Identifier: Apache-2.0
+
+//# publish
+module 0x0.m {
+    import 0x2.object;
+    import 0x2.tx_context;
+    import 0x2.transfer;
+
+    struct Cat has key {
+        id: object.UID,
+    }
+
+    struct Dog has key {
+        id: object.UID,
+    }
+
+    public entry transmute(cat: Self.Cat, ctx: &mut tx_context.TxContext) {
+        let cat_id: object.UID;
+        let dog: Self.Dog;
+        label l0:
+        Cat { id: cat_id } = move(cat);
+        dog = Dog { id: move(cat_id) };
+        transfer.transfer<Self.Dog>(move(dog), tx_context.sender(freeze(copy(ctx))));
+        return;
+    }
+
+}
diff --git a/crates/sui-verifier/src/id_leak_verifier.rs b/crates/sui-verifier/src/id_leak_verifier.rs
index bc3513c566d99..291ab1e92bd84 100644
--- a/crates/sui-verifier/src/id_leak_verifier.rs
+++ b/crates/sui-verifier/src/id_leak_verifier.rs
@@ -172,7 +172,7 @@ fn call(verifier: &mut IDLeakAnalysis, function_handle: &FunctionHandle) -> Part
         .signature_at(function_handle.parameters);
     for _ in 0..parameters.len() {
         if verifier.stack.pop().unwrap() == AbstractValue::ID && !guaranteed_safe {
-            move_verification_error("ID leaked through function call.");
+            return Err(move_verification_error("ID leaked through function call."));
         }
     }
 
@@ -421,6 +421,7 @@ fn expect_ok<T>(res: Result<T, PartialVMError>) -> PartialVMResult<T> {
     }
 }
 
+#[must_use]
 fn move_verification_error(msg: impl std::fmt::Display) -> PartialVMError {
     PartialVMError::new(StatusCode::UNKNOWN_VERIFICATION_ERROR)
         .with_message(format!("Sui Move Bytecode Verification Error: {}", msg))