gnunet-svn
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[taler-merchant] branch master updated: implement regex to restrict id

From: gnunet
Subject: [taler-merchant] branch master updated: implement regex to restrict id
Date: Tue, 20 Jul 2021 16:41:46 +0200 
This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository merchant.

The following commit(s) were added to refs/heads/master by this push:
     new 44f26ef6 implement regex to restrict id
44f26ef6 is described below

commit 44f26ef64f0036474f4eed6974886ee4f41e28f0
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Tue Jul 20 16:41:44 2021 +0200

    implement regex to restrict id
---
 src/backend/taler-merchant-httpd_auditors.c            | 17 +++++++++--------
 .../taler-merchant-httpd_private-post-instances.c      | 18 ++++++++++++++----
 2 files changed, 23 insertions(+), 12 deletions(-)

diff --git a/src/backend/taler-merchant-httpd_auditors.c 
b/src/backend/taler-merchant-httpd_auditors.c
index ce2e17e8..e58115f6 100644
--- a/src/backend/taler-merchant-httpd_auditors.c
+++ b/src/backend/taler-merchant-httpd_auditors.c
@@ -230,14 +230,15 @@ TMH_AUDITORS_init (const struct 
GNUNET_CONFIGURATION_Handle *cfg)
   j_auditors = json_array ();
   for (unsigned int cnt = 0; cnt < nauditors; cnt++)
     GNUNET_assert (0 ==
-                   json_array_append_new (j_auditors,
-                                          json_pack ("{s:s, s:o, s:s}",
-                                                     "name", 
auditors[cnt].name,
-                                                     "auditor_pub",
-                                                     
GNUNET_JSON_from_data_auto (
-                                                       
&auditors[cnt].public_key),
-                                                     "url",
-                                                     auditors[cnt].url)));
+                   json_array_append_new (
+                     j_auditors,
+                     json_pack ("{s:s, s:o, s:s}",
+                                "name", auditors[cnt].name,
+                                "auditor_pub",
+                                GNUNET_JSON_from_data_auto (
+                                  &auditors[cnt].public_key),
+                                "url",
+                                auditors[cnt].url)));
   return nauditors;
 }
 
diff --git a/src/backend/taler-merchant-httpd_private-post-instances.c 
b/src/backend/taler-merchant-httpd_private-post-instances.c
index 7550beb4..95f2ca37 100644
--- a/src/backend/taler-merchant-httpd_private-post-instances.c
+++ b/src/backend/taler-merchant-httpd_private-post-instances.c
@@ -25,7 +25,7 @@
 #include "platform.h"
 #include "taler-merchant-httpd_private-post-instances.h"
 #include <taler/taler_json_lib.h>
-
+#include <regex.h>
 
 /**
  * How often do we retry the simple INSERT database transaction?
@@ -287,12 +287,22 @@ TMH_private_post_instances (const struct 
TMH_RequestHandler *rh,
 
   /* check 'id' well-formed */
   {
+    static bool once;
+    static regex_t reg;
     bool id_wellformed = true;
 
-    if (NULL != strchr (is.id, '/'))
+    if (! once)
+    {
+      GNUNET_assert (0 ==
+                     regcomp (&reg,
+                              "^[A-Za-z0-9][A-Za-z0-9_.@-]+$",
+                              REG_EXTENDED));
+    }
+
+    if (0 != regexec (&reg,
+                      is.id,
+                      0, NULL, 0))
       id_wellformed = false;
-    // FIXME: implement regex [A-Za-z0-9_.@-]
-    // FIXME: document charset in docs, add restriction to SPA
     if (! id_wellformed)
       return TALER_MHD_reply_with_error (connection,
                                          MHD_HTTP_BAD_REQUEST,

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]