solang
[Invalid memory access] # of accounts not checked in Solana target
On the Solana target, we do not validate the number of accounts passed to the program. However, in contract_storage_data, we access SolParameters.ka[0].data ([0, 0, 0, 3]). Thus, if we pass zero accounts to the program with an empty discriminator, the program tries to fetch the first account (ka[0]) and accesses invalid memory.
'Program PBcJAsUDYnXE1nPrYnkeYQAsYQkGKnhEaNBJPyeytAs invoke [1]',
'Program PBcJAsUDYnXE1nPrYnkeYQAsYQkGKnhEaNBJPyeytAs consumed 41 of 200000 compute units',
'Program PBcJAsUDYnXE1nPrYnkeYQAsYQkGKnhEaNBJPyeytAs failed: Access violation in unknown section at address 0x0 of size 4'
I think that due to the nature of how things are laid out this doesn't necessarily cause any security vulnerabilities as such but it is definitely not ideal!! :)
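The missing check described in this report, sketched as an added example (not code from Solang or from the issue author): a storage read that validates the account count and the data bounds before touching `ka[0]`. The `AccountInfo` and `Parameters` types, the error codes and the function names are simplified assumptions, and the inputs are constructed.

```c
#include <stddef.h>
#include <stdint.h>

/* Simplified stand-ins for the runtime's parameter types (assumed, not Solang's own). */
typedef struct { uint8_t *data; uint64_t data_len; } AccountInfo;
typedef struct {
    AccountInfo ka[10];  /* account table filled by the entrypoint deserializer */
    uint64_t ka_num;     /* how many entries of ka[] the caller really supplied */
} Parameters;

enum { READ_OK = 0, ERR_NOT_ENOUGH_ACCOUNTS = 1, ERR_ACCOUNT_DATA_TOO_SMALL = 2 };

/* Read a little-endian u32 at `offset` in the data account (ka[0]),
 * validating the account count and the buffer bounds first. */
int read_storage_u32(const Parameters *p, uint64_t offset, uint32_t *out)
{
    if (p->ka_num == 0 || p->ka[0].data == NULL)
        return ERR_NOT_ENOUGH_ACCOUNTS;      /* the check missing in the report */
    const AccountInfo *acc = &p->ka[0];
    if (acc->data_len < 4 || offset > acc->data_len - 4)
        return ERR_ACCOUNT_DATA_TOO_SMALL;   /* ordered so the subtraction cannot wrap */
    const uint8_t *b = acc->data + offset;
    *out = (uint32_t)b[0] | (uint32_t)b[1] << 8 |
           (uint32_t)b[2] << 16 | (uint32_t)b[3] << 24;
    return READ_OK;
}

/* Constructed input: zero accounts, as in the failing invocation above. */
int demo_zero_accounts(void)
{
    Parameters p = {0};
    uint32_t v = 0;
    return read_storage_u32(&p, 0, &v);
}

/* Constructed input: one 8-byte data account.
 * Returns the word read at `offset`, or the negated error code. */
long long demo_one_account(uint64_t offset)
{
    uint8_t data[8] = {0xAA, 0xBB, 0xCC, 0xDD, 0x03, 0x00, 0x00, 0x00};
    Parameters p = {0};
    p.ka[0].data = data;
    p.ka[0].data_len = sizeof data;
    p.ka_num = 1;
    uint32_t v = 0;
    int rc = read_storage_u32(&p, offset, &v);
    return rc == READ_OK ? (long long)v : -(long long)rc;
}
```

With the guard in place, the zero-account call returns an error code instead of faulting at address 0x0.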