rest: Reject negative outpoint index in getutxos parsing

MarcoFalke 2024-07-12 17:48:40 +02:00
parent 4d6af61d87
commit fab54db9f1
2 changed files with 8 additions and 4 deletions


@ -788,14 +788,15 @@ static bool rest_getutxos(const std::any& context, HTTPRequest* req, const std::
for (size_t i = (fCheckMemPool) ? 1 : 0; i < uriParts.size(); i++) for (size_t i = (fCheckMemPool) ? 1 : 0; i < uriParts.size(); i++)
{ {
int32_t nOutput;
std::string strTxid = uriParts[i].substr(0, uriParts[i].find('-')); std::string strTxid = uriParts[i].substr(0, uriParts[i].find('-'));
std::string strOutput = uriParts[i].substr(uriParts[i].find('-')+1); std::string strOutput = uriParts[i].substr(uriParts[i].find('-')+1);
auto output{ToIntegral<uint32_t>(strOutput)};
if (!ParseInt32(strOutput, &nOutput) || !IsHex(strTxid)) if (!output || !IsHex(strTxid)) {
return RESTERR(req, HTTP_BAD_REQUEST, "Parse error"); return RESTERR(req, HTTP_BAD_REQUEST, "Parse error");
}
vOutPoints.emplace_back(TxidFromString(strTxid), (uint32_t)nOutput); vOutPoints.emplace_back(TxidFromString(strTxid), *output);
} }
if (vOutPoints.size() > 0) if (vOutPoints.size() > 0)
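Review bot: The loop in rest_getutxos still never checks that the '-' separator is present: when `uriParts[i].find('-')` returns `npos`, `substr(0, npos)` and `substr(npos + 1)` both yield the whole path segment, so one segment is parsed as txid and as output index at the same time and is only rejected if one of the two value checks happens to fail. I would locate the separator once and reject its absence explicitly, `const auto sep{uriParts[i].find('-')};` followed by `if (sep == std::string::npos) return RESTERR(req, HTTP_BAD_REQUEST, "Parse error");`, then build both substrings from `sep`. The only visible check on `strTxid` is `IsHex`, which presumably does not enforce the txid length; whether `TxidFromString` rejects short or over-long input is not visible here and is worth confirming, since this is request data from the REST interface. The function body starts and ends outside the hunk.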


@ -201,10 +201,13 @@ class RESTTest (BitcoinTestFramework):
json_obj = self.test_rest_request(f"/getutxos/checkmempool/{spending[0]}-{spending[1]}") json_obj = self.test_rest_request(f"/getutxos/checkmempool/{spending[0]}-{spending[1]}")
assert_equal(len(json_obj['utxos']), 1) assert_equal(len(json_obj['utxos']), 1)
# Do some invalid requests self.log.info("Check some invalid requests")
self.test_rest_request("/getutxos", http_method='POST', req_type=ReqType.JSON, body='{"checkmempool', status=400, ret_type=RetType.OBJ) self.test_rest_request("/getutxos", http_method='POST', req_type=ReqType.JSON, body='{"checkmempool', status=400, ret_type=RetType.OBJ)
self.test_rest_request("/getutxos", http_method='POST', req_type=ReqType.BIN, body='{"checkmempool', status=400, ret_type=RetType.OBJ) self.test_rest_request("/getutxos", http_method='POST', req_type=ReqType.BIN, body='{"checkmempool', status=400, ret_type=RetType.OBJ)
self.test_rest_request("/getutxos/checkmempool", http_method='POST', req_type=ReqType.JSON, status=400, ret_type=RetType.OBJ) self.test_rest_request("/getutxos/checkmempool", http_method='POST', req_type=ReqType.JSON, status=400, ret_type=RetType.OBJ)
self.test_rest_request(f"/getutxos/{spending[0]}_+1", ret_type=RetType.OBJ, status=400)
self.test_rest_request(f"/getutxos/{spending[0]}-+1", ret_type=RetType.OBJ, status=400)
self.test_rest_request(f"/getutxos/{spending[0]}--1", ret_type=RetType.OBJ, status=400)
# Test limits # Test limits
long_uri = '/'.join([f"{txid}-{n_}" for n_ in range(20)]) long_uri = '/'.join([f"{txid}-{n_}" for n_ in range(20)])
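Review bot: The three new requests pin separator and sign handling (`_+1`, `-+1`, `--1`), but nothing covers the upper bound of the index, which the change from `ParseInt32` to `ToIntegral<uint32_t>` presumably moves. I would add a boundary case next to them, for example `self.test_rest_request(f"/getutxos/{spending[0]}-4294967296", ret_type=RetType.OBJ, status=400)`, so that an index one past the 32-bit range is pinned as a parse error. A one-line comment above the group saying what each variant exercises (wrong separator, explicit plus sign, negative index) would also help. The enclosing test method starts and ends outside the hunk.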