[taler-exchange] branch master updated: check well-formedness of URI whe

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[taler-exchange] branch master updated: check well-formedness of URI whe

From:	gnunet
Subject:	[taler-exchange] branch master updated: check well-formedness of URI when signing, check return value of function for error
Date:	Sun, 01 Mar 2020 13:31:49 +0100

This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository exchange.

The following commit(s) were added to refs/heads/master by this push:
     new 1eb292fe check well-formedness of URI when signing, check return value 
of function for error
1eb292fe is described below

commit 1eb292fe1fa6e00df8758fc1c2e5ac93f341dc4e
Author: Christian Grothoff <address@hidden>
AuthorDate: Sun Mar 1 13:31:46 2020 +0100

    check well-formedness of URI when signing, check return value of function 
for error
---
 src/exchange-tools/taler-exchange-wire.c |  7 +++++++
 src/include/taler_json_lib.h             |  9 ++++++---
 src/json/json_wire.c                     | 14 ++++++++++++--
 3 files changed, 25 insertions(+), 5 deletions(-)

diff --git a/src/exchange-tools/taler-exchange-wire.c 
b/src/exchange-tools/taler-exchange-wire.c
index 0d6cdddb..10d849b4 100644
--- a/src/exchange-tools/taler-exchange-wire.c
+++ b/src/exchange-tools/taler-exchange-wire.c
@@ -74,6 +74,13 @@ sign_account_data (void *cls,
 
   wire = TALER_JSON_exchange_wire_signature_make (ai->payto_uri,
                                                   &master_priv);
+  if (NULL == wire)
+  {
+    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+                "Could not sign wire account `%s'. Is the URI well-formed?\n");
+    global_ret = 1;
+    return;
+  }
   GNUNET_assert (NULL != wire);
   json_out = json_dumps (wire,
                          JSON_INDENT (2));
diff --git a/src/include/taler_json_lib.h b/src/include/taler_json_lib.h
index d5f6b0ba..c4e107c0 100644
--- a/src/include/taler_json_lib.h
+++ b/src/include/taler_json_lib.h
@@ -149,7 +149,8 @@ TALER_JSON_get_error_code2 (const void *data,
 
 /**
  * Compute the hash of the given wire details.   The resulting
- * hash is what is put into the contract.
+ * hash is what is put into the contract.  Also performs rudimentary
+ * checks on the account data *if* supported.
  *
  * @param wire_s wire details to hash
  * @param[out] hc set to the hash
@@ -161,7 +162,8 @@ TALER_JSON_merchant_wire_signature_hash (const json_t 
*wire_s,
 
 
 /**
- * Check the signature in @a wire_s.
+ * Check the signature in @a wire_s.  Also performs rudimentary
+ * checks on the account data *if* supported.
  *
  * @param wire_s signed wire information of an exchange
  * @param master_pub master public key of the exchange
@@ -177,7 +179,8 @@ TALER_JSON_exchange_wire_signature_check (const json_t 
*wire_s,
  * Create a signed wire statement for the given account.
  *
  * @param payto_uri account specification
- * @param master_priv private key to sign with, NULL to not sign
+ * @param master_priv private key to sign with
+ * @return NULL if @a payto_uri is malformed
  */
 json_t *
 TALER_JSON_exchange_wire_signature_make (const char *payto_uri,
diff --git a/src/json/json_wire.c b/src/json/json_wire.c
index 4fc4cfea..b0bb6750 100644
--- a/src/json/json_wire.c
+++ b/src/json/json_wire.c
@@ -392,7 +392,8 @@ TALER_JSON_merchant_wire_signature_hash (const json_t 
*wire_s,
 
 
 /**
- * Check the signature in @a wire_s.
+ * Check the signature in @a wire_s.  Also performs rudimentary
+ * checks on the account data *if* supported.
  *
  * @param wire_s signed wire information of an exchange
  * @param master_pub master public key of the exchange
@@ -420,6 +421,7 @@ TALER_JSON_exchange_wire_signature_check (const json_t 
*wire_s,
     return GNUNET_SYSERR;
   }
 
+  /* Note: this check does nothing if this is not an IBAN */
   if (GNUNET_SYSERR == validate_payto_iban (payto_uri))
   {
     GNUNET_break_op (0);
@@ -436,7 +438,8 @@ TALER_JSON_exchange_wire_signature_check (const json_t 
*wire_s,
  * Create a signed wire statement for the given account.
  *
  * @param payto_uri account specification
- * @param master_priv private key to sign with, NULL to not sign
+ * @param master_priv private key to sign with
+ * @return NULL if @a payto_uri is malformed
  */
 json_t *
 TALER_JSON_exchange_wire_signature_make (const char *payto_uri,
@@ -445,6 +448,13 @@ TALER_JSON_exchange_wire_signature_make (const char 
*payto_uri,
 {
   struct TALER_MasterSignatureP master_sig;
 
+  /* Note: this check does nothing if this is not an IBAN */
+  if (GNUNET_SYSERR == validate_payto_iban (payto_uri))
+  {
+    GNUNET_break_op (0);
+    return NULL;
+  }
+
   TALER_exchange_wire_signature_make (payto_uri,
                                       master_priv,
                                       &master_sig);

-- 
To stop receiving notification emails like this one, please contact
address@hidden.

[Prev in Thread]

Current Thread

[Next in Thread]

[taler-exchange] branch master updated: check well-formedness of URI when signing, check return value of function for error, gnunet <=

Prev by Date: [taler-docs] branch master updated: more terms
Next by Date: [taler-exchange] branch master updated: use memcpy/memcmp instead of str-functions where applicable
Previous by thread: [taler-docs] branch master updated: more terms
Next by thread: [taler-exchange] branch master updated: use memcpy/memcmp instead of str-functions where applicable
Index(es):
- Date
- Thread