aboutsummaryrefslogtreecommitdiff
path: root/src/wallet/wallet_rpc_server.cpp
diff options
context:
space:
mode:
authorRiccardo Spagni <ric@spagni.net>2017-02-21 00:51:46 +0200
committerRiccardo Spagni <ric@spagni.net>2017-02-21 00:51:46 +0200
commitba633d33a83abd71498e420ad6d81a55653d2a91 (patch)
tree1a929b9b4f68b2087f0ebf15e45d14160b536172 /src/wallet/wallet_rpc_server.cpp
parentMerge pull request #1748 (diff)
parentsimplewallet: validate hex input size (diff)
downloadmonero-ba633d33a83abd71498e420ad6d81a55653d2a91.tar.xz
Merge pull request #1732
83ec209f simplewallet: validate hex input size (moneromooo-monero)
Diffstat (limited to 'src/wallet/wallet_rpc_server.cpp')
-rw-r--r--src/wallet/wallet_rpc_server.cpp8
1 files changed, 4 insertions, 4 deletions
diff --git a/src/wallet/wallet_rpc_server.cpp b/src/wallet/wallet_rpc_server.cpp
index 881279e42..ee50c3cdb 100644
--- a/src/wallet/wallet_rpc_server.cpp
+++ b/src/wallet/wallet_rpc_server.cpp
@@ -983,7 +983,7 @@ namespace tools
while (i != req.txids.end())
{
cryptonote::blobdata txid_blob;
- if(!epee::string_tools::parse_hexstr_to_binbuff(*i++, txid_blob))
+ if(!epee::string_tools::parse_hexstr_to_binbuff(*i++, txid_blob) || txid_blob.size() != sizeof(crypto::hash))
{
er.code = WALLET_RPC_ERROR_CODE_WRONG_TXID;
er.message = "TX ID has invalid format";
@@ -1013,7 +1013,7 @@ namespace tools
while (i != req.txids.end())
{
cryptonote::blobdata txid_blob;
- if(!epee::string_tools::parse_hexstr_to_binbuff(*i++, txid_blob))
+ if(!epee::string_tools::parse_hexstr_to_binbuff(*i++, txid_blob) || txid_blob.size() != sizeof(crypto::hash))
{
er.code = WALLET_RPC_ERROR_CODE_WRONG_TXID;
er.message = "TX ID has invalid format";
@@ -1206,7 +1206,7 @@ namespace tools
{
cryptonote::blobdata bd;
- if(!epee::string_tools::parse_hexstr_to_binbuff(req.signed_key_images[n].key_image, bd))
+ if(!epee::string_tools::parse_hexstr_to_binbuff(req.signed_key_images[n].key_image, bd) || bd.size() != sizeof(crypto::key_image))
{
er.code = WALLET_RPC_ERROR_CODE_WRONG_KEY_IMAGE;
er.message = "failed to parse key image";
@@ -1214,7 +1214,7 @@ namespace tools
}
ski[n].first = *reinterpret_cast<const crypto::key_image*>(bd.data());
- if(!epee::string_tools::parse_hexstr_to_binbuff(req.signed_key_images[n].signature, bd))
+ if(!epee::string_tools::parse_hexstr_to_binbuff(req.signed_key_images[n].signature, bd) || bd.size() != sizeof(crypto::signature))
{
er.code = WALLET_RPC_ERROR_CODE_WRONG_SIGNATURE;
er.message = "failed to parse signature";