
[GNUnet-SVN] [taler-exchange] branch master updated (85a2d3d -> 800c54b)


From: gnunet
Subject: [GNUnet-SVN] [taler-exchange] branch master updated (85a2d3d -> 800c54b)
Date: Fri, 06 Oct 2017 21:11:39 +0200

This is an automated email from the git hooks/post-receive script.

grothoff pushed a change to branch master
in repository exchange.

    from 85a2d3d  modify wire auditor to deal with asynchrony of WIRE plugin API
     new e5aed9e  fix signed calls to isalpha/isdigit/isspace etc.
     new 1da03b9  fix indentation
     new 2f715c2  check return value from TALER_JSON_hash
     new dbab0c6  check return value from TALER_amount_get_zero
     new 06f5621  better logging if IBAN validation fails, also avoid 
potentially unbounded stack allocation
     new 800c54b  do not potentially pass -1 to fcntl()

The 6 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 src/auditor/taler-auditor.c                        | 29 ++++++++++-------
 src/benchmark/taler-exchange-benchmark.c           |  5 +--
 src/exchange-lib/exchange_api_common.c             | 13 ++++----
 src/exchange-lib/exchange_api_deposit.c            | 10 ++++--
 src/exchange-lib/exchange_api_reserve.c            | 34 ++++++++++++++++----
 src/exchange-lib/test_exchange_api.c               | 30 +++++++++++-------
 src/exchange/taler-exchange-aggregator.c           | 36 +++++++++++++--------
 src/exchange/taler-exchange-httpd.c                | 37 ++++++++++++++++------
 src/exchange/taler-exchange-httpd_db.c             | 21 ++++++------
 src/exchange/taler-exchange-httpd_payback.c        | 11 ++++---
 .../taler-exchange-httpd_reserve_withdraw.c        |  5 +--
 src/exchange/taler-exchange-httpd_responses.c      | 18 ++++++++---
 src/exchangedb/test_exchangedb.c                   |  9 ++++--
 src/json/json.c                                    |  3 ++
 src/json/json_helper.c                             |  4 +--
 src/util/amount.c                                  |  2 +-
 src/wire/plugin_wire_sepa.c                        | 12 +++++--
 17 files changed, 185 insertions(+), 94 deletions(-)

diff --git a/src/auditor/taler-auditor.c b/src/auditor/taler-auditor.c
index f7ea947..1eff726 100644
--- a/src/auditor/taler-auditor.c
+++ b/src/auditor/taler-auditor.c
@@ -606,7 +606,7 @@ struct ReserveContext
    * Transaction status code, set to error codes if applicable.
    */
   enum GNUNET_DB_QueryStatus qs;
-  
+
 };
 
 
@@ -2182,8 +2182,15 @@ check_wire_out_cb (void *cls,
   wcc.date = date;
   TALER_amount_get_zero (amount->currency,
                          &wcc.total_deposits);
-  TALER_JSON_hash (wire,
-                   &wcc.h_wire);
+  if (GNUNET_OK !=
+      TALER_JSON_hash (wire,
+                       &wcc.h_wire))
+  {
+    report_row_inconsistency ("wire_out",
+                              rowid,
+                              "could not hash wire address");
+    return GNUNET_OK;
+  }
   qs = edb->lookup_wire_transfer (edb->cls,
                                  esession,
                                  wtid,
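Review bot: The context call `TALER_amount_get_zero (amount->currency, &wcc.total_deposits)` just above the new hash check still discards its return value, although this push also sets out to check that function. If it fails for a currency string read from the database, `wcc.total_deposits` is presumably not a valid zero amount when it is used later. It could be handled like the hash failure, with `if (GNUNET_OK != TALER_amount_get_zero (amount->currency, &wcc.total_deposits))` followed by a `report_row_inconsistency ("wire_out", rowid, ...)` call and `return GNUNET_OK;`. check_wire_out_cb starts and ends outside the hunk.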
@@ -3170,7 +3177,7 @@ deposit_cb (void *cls,
     /* This should not be possible, unless the AUDITOR
        has a bug in tracking total balance. */
     GNUNET_break (0);
-    cc->qs = GNUNET_DB_STATUS_HARD_ERROR; 
+    cc->qs = GNUNET_DB_STATUS_HARD_ERROR;
     return GNUNET_SYSERR;
   }
 
@@ -3191,7 +3198,7 @@ deposit_cb (void *cls,
                           &dfee))
     {
       GNUNET_break (0);
-      cc->qs = GNUNET_DB_STATUS_HARD_ERROR; 
+      cc->qs = GNUNET_DB_STATUS_HARD_ERROR;
       return GNUNET_SYSERR;
     }
   }
@@ -3304,7 +3311,7 @@ refund_cb (void *cls,
                         &amount_without_fee))
   {
     GNUNET_break (0);
-    cc->qs = GNUNET_DB_STATUS_HARD_ERROR; 
+    cc->qs = GNUNET_DB_STATUS_HARD_ERROR;
     return GNUNET_SYSERR;
   }
   if (GNUNET_OK !=
@@ -3313,7 +3320,7 @@ refund_cb (void *cls,
                         &amount_without_fee))
   {
     GNUNET_break (0);
-    cc->qs = GNUNET_DB_STATUS_HARD_ERROR; 
+    cc->qs = GNUNET_DB_STATUS_HARD_ERROR;
     return GNUNET_SYSERR;
   }
   if (GNUNET_OK !=
@@ -3322,7 +3329,7 @@ refund_cb (void *cls,
                         &amount_without_fee))
   {
     GNUNET_break (0);
-    cc->qs = GNUNET_DB_STATUS_HARD_ERROR; 
+    cc->qs = GNUNET_DB_STATUS_HARD_ERROR;
     return GNUNET_SYSERR;
   }
   if (GNUNET_OK !=
@@ -3331,7 +3338,7 @@ refund_cb (void *cls,
                         &amount_without_fee))
   {
     GNUNET_break (0);
-    cc->qs = GNUNET_DB_STATUS_HARD_ERROR; 
+    cc->qs = GNUNET_DB_STATUS_HARD_ERROR;
     return GNUNET_SYSERR;
   }
 
@@ -3347,7 +3354,7 @@ refund_cb (void *cls,
                         &refund_fee))
   {
     GNUNET_break (0);
-    cc->qs = GNUNET_DB_STATUS_HARD_ERROR; 
+    cc->qs = GNUNET_DB_STATUS_HARD_ERROR;
     return GNUNET_SYSERR;
   }
 
@@ -3431,7 +3438,7 @@ analyze_coins (void *cls)
   }
 
   /* process refreshs */
-  if (0 > 
+  if (0 >
       (qs = edb->select_refreshs_above_serial_id (edb->cls,
                                                  esession,
                                                  pp.last_melt_serial_id,
diff --git a/src/benchmark/taler-exchange-benchmark.c 
b/src/benchmark/taler-exchange-benchmark.c
index 10a5eed..eae2ec9 100644
--- a/src/benchmark/taler-exchange-benchmark.c
+++ b/src/benchmark/taler-exchange-benchmark.c
@@ -883,8 +883,9 @@ spend_coin (struct Coin *coin,
   dr.purpose.size = htonl (sizeof (struct TALER_DepositRequestPS));
   dr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT);
   dr.h_contract_terms = h_contract_terms;
-  TALER_JSON_hash (merchant_details,
-                  &dr.h_wire);
+  GNUNET_assert (GNUNET_OK ==
+                 TALER_JSON_hash (merchant_details,
+                                  &dr.h_wire));
 
   dr.timestamp = GNUNET_TIME_absolute_hton (timestamp);
   dr.refund_deadline = GNUNET_TIME_absolute_hton (refund_deadline);
diff --git a/src/exchange-lib/exchange_api_common.c 
b/src/exchange-lib/exchange_api_common.c
index 99086a7..9d2a827 100644
--- a/src/exchange-lib/exchange_api_common.c
+++ b/src/exchange-lib/exchange_api_common.c
@@ -42,7 +42,6 @@ TALER_EXCHANGE_verify_coin_history (const char *currency,
                                     struct TALER_Amount *total)
 {
   size_t len;
-  size_t off;
   int add;
   struct TALER_Amount rtotal;
 
@@ -57,11 +56,13 @@ TALER_EXCHANGE_verify_coin_history (const char *currency,
     GNUNET_break_op (0);
     return GNUNET_SYSERR;
   }
-  TALER_amount_get_zero (currency,
-                         total);
-  TALER_amount_get_zero (currency,
-                         &rtotal);
-  for (off=0;off<len;off++)
+  GNUNET_assert (GNUNET_OK ==
+                 TALER_amount_get_zero (currency,
+                                        total));
+  GNUNET_assert (GNUNET_OK ==
+                 TALER_amount_get_zero (currency,
+                                        &rtotal));
+  for (size_t off=0;off<len;off++)
   {
     json_t *transaction;
     struct TALER_Amount amount;
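Review bot: The two new `GNUNET_assert (GNUNET_OK == TALER_amount_get_zero (...))` calls abort the calling process when `currency` is rejected, while the check directly above them reports bad input with `GNUNET_break_op (0); return GNUNET_SYSERR;`. If `currency` can be influenced by data received from the exchange (not visible in this hunk), a soft failure is the safer choice for a client library: `if (GNUNET_OK != TALER_amount_get_zero (currency, total)) { GNUNET_break_op (0); return GNUNET_SYSERR; }`. The same applies to the `total_in`/`total_out` initialisation in the first parse_reserve_history hunk of exchange_api_reserve.c. The function body continues outside the hunk.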
diff --git a/src/exchange-lib/exchange_api_deposit.c 
b/src/exchange-lib/exchange_api_deposit.c
index 4937b14..d90b1aa 100644
--- a/src/exchange-lib/exchange_api_deposit.c
+++ b/src/exchange-lib/exchange_api_deposit.c
@@ -415,9 +415,13 @@ TALER_EXCHANGE_deposit (struct TALER_EXCHANGE_Handle 
*exchange,
   GNUNET_assert (GNUNET_YES ==
                 MAH_handle_is_ready (exchange));
   /* initialize h_wire */
-  GNUNET_assert (GNUNET_OK ==
-                TALER_JSON_hash (wire_details,
-                                 &h_wire));
+  if (GNUNET_OK !=
+      TALER_JSON_hash (wire_details,
+                       &h_wire))
+  {
+    GNUNET_break (0);
+    return NULL;
+  }
   key_state = TALER_EXCHANGE_get_keys (exchange);
   dki = TALER_EXCHANGE_get_denomination_key (key_state,
                                              denom_pub);
diff --git a/src/exchange-lib/exchange_api_reserve.c 
b/src/exchange-lib/exchange_api_reserve.c
index 4b5152c..6af500e 100644
--- a/src/exchange-lib/exchange_api_reserve.c
+++ b/src/exchange-lib/exchange_api_reserve.c
@@ -104,10 +104,12 @@ parse_reserve_history (struct TALER_EXCHANGE_Handle 
*exchange,
   struct TALER_Amount total_out;
   size_t off;
 
-  TALER_amount_get_zero (currency,
-                         &total_in);
-  TALER_amount_get_zero (currency,
-                         &total_out);
+  GNUNET_assert (GNUNET_OK ==
+                 TALER_amount_get_zero (currency,
+                                        &total_in));
+  GNUNET_assert (GNUNET_OK ==
+                 TALER_amount_get_zero (currency,
+                                        &total_out));
   uuid_off = 0;
   for (off=0;off<history_length;off++)
   {
@@ -354,8 +356,13 @@ parse_reserve_history (struct TALER_EXCHANGE_Handle 
*exchange,
       }
       TALER_amount_hton (&rcc.closing_amount,
                         &amount);
-      TALER_JSON_hash 
(rhistory[off].details.close_details.receiver_account_details,
-                      &rcc.h_wire);
+      if (GNUNET_OK !=
+          TALER_JSON_hash 
(rhistory[off].details.close_details.receiver_account_details,
+                           &rcc.h_wire))
+      {
+        GNUNET_break (0);
+        return GNUNET_SYSERR;
+      }
       rcc.wtid = rhistory[off].details.close_details.wtid;
       rcc.purpose.size = htonl (sizeof (rcc));
       rcc.purpose.purpose = htonl (TALER_SIGNATURE_EXCHANGE_RESERVE_CLOSED);
@@ -820,7 +827,20 @@ reserve_withdraw_payment_required (struct 
TALER_EXCHANGE_ReserveWithdrawHandle *
      total incoming and outgoing amounts */
   len = json_array_size (history);
   {
-    struct TALER_EXCHANGE_ReserveHistory rhistory[len];
+    struct TALER_EXCHANGE_ReserveHistory *rhistory;
+
+    /* Use heap allocation as "len" may be very big and thus this may
+       not fit on the stack. Use "GNUNET_malloc_large" as a malicious
+       exchange may theoretically try to crash us by giving a history
+       that does not fit into our memory. */
+    rhistory = GNUNET_malloc_large (sizeof (struct 
TALER_EXCHANGE_ReserveHistory) * len);
+    if (NULL == rhistory)
+    {
+      GNUNET_break (0);
+      free_rhistory (rhistory,
+                     len);
+      return GNUNET_SYSERR;
+    }
 
     if (GNUNET_OK !=
         parse_reserve_history (wsh->exchange,
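Review bot: In the new `NULL == rhistory` branch, `free_rhistory (rhistory, len)` is called with the pointer that was just found to be NULL. free_rhistory is not visible here, but if it walks `len` entries it will dereference NULL on exactly the out-of-memory path the comment is written to survive. The branch should be just `GNUNET_break (0); return GNUNET_SYSERR;`. The size expression `sizeof (struct TALER_EXCHANGE_ReserveHistory) * len` is also unchecked; since `len` comes from an exchange-supplied array, a guard such as `if (len > SIZE_MAX / sizeof (struct TALER_EXCHANGE_ReserveHistory)) return GNUNET_SYSERR;` before the allocation would rule out wrap-around on 32-bit targets. The block continues outside the hunk, so whether `rhistory` is released on every later return path cannot be confirmed from here.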
diff --git a/src/exchange-lib/test_exchange_api.c 
b/src/exchange-lib/test_exchange_api.c
index 4c0a49e..70fb3ff 100644
--- a/src/exchange-lib/test_exchange_api.c
+++ b/src/exchange-lib/test_exchange_api.c
@@ -1709,8 +1709,9 @@ wire_deposits_cb (void *cls,
         wire = json_loads (dep->details.deposit.wire_details,
                            JSON_REJECT_DUPLICATES,
                            NULL);
-        TALER_JSON_hash (wire,
-                         &hw);
+        GNUNET_assert (GNUNET_OK ==
+                       TALER_JSON_hash (wire,
+                                        &hw));
         json_decref (wire);
         if (0 != memcmp (&hw,
                          h_wire,
@@ -2261,8 +2262,9 @@ interpreter_run (void *cls)
         fail (is);
         return;
       }
-      TALER_JSON_hash (contract_terms,
-                       &h_contract_terms);
+      GNUNET_assert (GNUNET_OK ==
+                     TALER_JSON_hash (contract_terms,
+                                      &h_contract_terms));
       json_decref (contract_terms);
       wire = json_loads (cmd->details.deposit.wire_details,
                          JSON_REJECT_DUPLICATES,
@@ -2307,8 +2309,9 @@ interpreter_run (void *cls)
         dr.purpose.size = htonl (sizeof (struct TALER_DepositRequestPS));
         dr.purpose.purpose = htonl (TALER_SIGNATURE_WALLET_COIN_DEPOSIT);
         dr.h_contract_terms = h_contract_terms;
-        TALER_JSON_hash (wire,
-                         &dr.h_wire);
+        GNUNET_assert (GNUNET_OK ==
+                       TALER_JSON_hash (wire,
+                                        &dr.h_wire));
         dr.timestamp = GNUNET_TIME_absolute_hton (timestamp);
         dr.refund_deadline = GNUNET_TIME_absolute_hton (refund_deadline);
         TALER_amount_hton (&dr.amount_with_fee,
@@ -2542,15 +2545,17 @@ interpreter_run (void *cls)
                          JSON_REJECT_DUPLICATES,
                          NULL);
       GNUNET_assert (NULL != wire);
-      TALER_JSON_hash (wire,
-                       &h_wire);
+      GNUNET_assert (GNUNET_OK ==
+                     TALER_JSON_hash (wire,
+                                      &h_wire));
       json_decref (wire);
       contract_terms = json_loads (ref->details.deposit.contract_terms,
                              JSON_REJECT_DUPLICATES,
                              NULL);
       GNUNET_assert (NULL != contract_terms);
-      TALER_JSON_hash (contract_terms,
-                       &h_contract_terms);
+      GNUNET_assert (GNUNET_OK ==
+                     TALER_JSON_hash (contract_terms,
+                                      &h_contract_terms));
       json_decref (contract_terms);
       cmd->details.deposit_wtid.dwh
           = TALER_EXCHANGE_track_transaction (exchange,
@@ -2665,8 +2670,9 @@ interpreter_run (void *cls)
                              JSON_REJECT_DUPLICATES,
                              NULL);
       GNUNET_assert (NULL != contract_terms);
-      TALER_JSON_hash (contract_terms,
-                       &h_contract_terms);
+      GNUNET_assert (GNUNET_OK ==
+                     TALER_JSON_hash (contract_terms,
+                                      &h_contract_terms));
       json_decref (contract_terms);
 
       coin = find_command (is,
diff --git a/src/exchange/taler-exchange-aggregator.c 
b/src/exchange/taler-exchange-aggregator.c
index fdb32a2..eb97edb 100644
--- a/src/exchange/taler-exchange-aggregator.c
+++ b/src/exchange/taler-exchange-aggregator.c
@@ -354,7 +354,7 @@ update_fees (struct WirePlugin *wp,
              struct TALER_EXCHANGEDB_Session *session)
 {
   enum GNUNET_DB_QueryStatus qs;
-  
+
   advance_fees (wp,
                 now);
   if (NULL != wp->af)
@@ -595,7 +595,7 @@ deposit_cb (void *cls,
             const json_t *wire)
 {
   enum GNUNET_DB_QueryStatus qs;
-  
+
   au->merchant_pub = *merchant_pub;
   if (GNUNET_SYSERR ==
       TALER_amount_subtract (&au->total_amount,
@@ -611,8 +611,15 @@ deposit_cb (void *cls,
   au->row_id = row_id;
   GNUNET_assert (NULL == au->wire);
   au->wire = json_incref ((json_t *) wire);
-  TALER_JSON_hash (au->wire,
-                   &au->h_wire);
+  if (GNUNET_OK !=
+      TALER_JSON_hash (au->wire,
+                       &au->h_wire))
+  {
+    GNUNET_break (0);
+    json_decref (au->wire);
+    au->wire = NULL;
+    return GNUNET_DB_STATUS_HARD_ERROR;
+  }
   GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
                               &au->wtid,
                               sizeof (au->wtid));
@@ -839,7 +846,7 @@ prepare_close_cb (void *cls,
                  size_t buf_size)
 {
   enum GNUNET_DB_QueryStatus qs;
-    
+
   GNUNET_assert (cls == ctc);
 
   GNUNET_log (GNUNET_ERROR_TYPE_INFO,
@@ -867,7 +874,7 @@ prepare_close_cb (void *cls,
                                            buf_size);
   if (GNUNET_DB_STATUS_HARD_ERROR == qs)
   {
-    GNUNET_break (0); 
+    GNUNET_break (0);
     db_plugin->rollback (db_plugin->cls,
                          ctc->session);
     global_ret = GNUNET_SYSERR;
@@ -999,8 +1006,9 @@ expired_reserve_cb (void *cls,
     /* Closing fee higher than remaining balance, close
        without wire transfer. */
     closing_fee = left;
-    TALER_amount_get_zero (left->currency,
-                          &amount_without_fee);
+    GNUNET_assert (GNUNET_OK ==
+                   TALER_amount_get_zero (left->currency,
+                                          &amount_without_fee));
   }
 
   /* NOTE: sizeof (*reserve_pub) == sizeof (wtid) right now, but to
@@ -1093,7 +1101,7 @@ run_reserve_closures (void *cls)
   enum GNUNET_DB_QueryStatus qs;
   const struct GNUNET_SCHEDULER_TaskContext *tc;
   struct ExpiredReserveContext erc;
-  
+
   task = NULL;
   reserves_idle = GNUNET_NO;
   tc = GNUNET_SCHEDULER_get_task_context ();
@@ -1126,9 +1134,9 @@ run_reserve_closures (void *cls)
                                        GNUNET_TIME_absolute_get (),
                                        &expired_reserve_cb,
                                        &erc);
-  switch (qs) 
+  switch (qs)
   {
-  case GNUNET_DB_STATUS_HARD_ERROR:    
+  case GNUNET_DB_STATUS_HARD_ERROR:
     GNUNET_break (0);
     db_plugin->rollback (db_plugin->cls,
                          session);
@@ -1290,7 +1298,7 @@ run_aggregation (void *cls)
                                     NULL);
     return;
   }
-  
+
   /* Subtract wire transfer fee and round to the unit supported by the
      wire transfer method; Check if after rounding down, we still have
      an amount to transfer, and if not mark as 'tiny'. */
@@ -1322,7 +1330,7 @@ run_aggregation (void *cls)
       GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                   "Failed to start database transaction!\n");
       global_ret = GNUNET_SYSERR;
-      cleanup_au ();      
+      cleanup_au ();
       GNUNET_SCHEDULER_shutdown ();
       return;
     }
@@ -1690,7 +1698,7 @@ run_transfers (void *cls)
   case GNUNET_DB_STATUS_SOFT_ERROR:
     /* try again */
     task = GNUNET_SCHEDULER_add_now (&run_transfers,
-                                    NULL);      
+                                    NULL);
     return;
   case GNUNET_DB_STATUS_SUCCESS_NO_RESULTS:
     /* no more prepared wire transfers, go back to aggregation! */
diff --git a/src/exchange/taler-exchange-httpd.c 
b/src/exchange/taler-exchange-httpd.c
index 60b7810..0f87408 100644
--- a/src/exchange/taler-exchange-httpd.c
+++ b/src/exchange/taler-exchange-httpd.c
@@ -1015,37 +1015,54 @@ main (int argc,
   listen_fds = getenv ("LISTEN_FDS");
   if ( (NULL != listen_pid) &&
        (NULL != listen_fds) &&
-       (getpid() == strtol (listen_pid, NULL, 10)) &&
-       ( (1 == strtoul (listen_fds, NULL, 10)) ||
-         (2 == strtoul (listen_fds, NULL, 10)) ) )
+       (getpid() == strtol (listen_pid,
+                            NULL,
+                            10)) &&
+       ( (1 == strtoul (listen_fds,
+                        NULL,
+                        10)) ||
+         (2 == strtoul (listen_fds,
+                        NULL,
+                        10)) ) )
   {
     int flags;
 
     fh = 3;
-    flags = fcntl (fh, F_GETFD);
-    if ( (-1 == flags) && (EBADF == errno) )
+    flags = fcntl (fh,
+                   F_GETFD);
+    if ( (-1 == flags) &&
+         (EBADF == errno) )
     {
       fprintf (stderr,
                "Bad listen socket passed, ignored\n");
       fh = -1;
     }
     flags |= FD_CLOEXEC;
-    if (0 != fcntl (fh, F_SETFD, flags))
+    if ( (-1 != fh) &&
+         (0 != fcntl (fh,
+                      F_SETFD,
+                      flags)) )
       GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR,
                            "fcntl");
 
-    if (2 == strtoul (listen_fds, NULL, 10))
+    if (2 == strtoul (listen_fds,
+                      NULL,
+                      10))
     {
       fh_admin = 4;
-      flags = fcntl (fh_admin, F_GETFD);
-      if ( (-1 == flags) && (EBADF == errno) )
+      flags = fcntl (fh_admin,
+                     F_GETFD);
+      if ( (-1 == flags) &&
+           (EBADF == errno) )
       {
         fprintf (stderr,
                  "Bad listen socket passed, ignored\n");
         fh_admin = -1;
       }
       flags |= FD_CLOEXEC;
-      if (0 != fcntl (fh_admin, F_SETFD, flags))
+      if (0 != fcntl (fh_admin,
+                      F_SETFD,
+                      flags))
         GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR,
                              "fcntl");
     }
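Review bot: The `-1` guard was added only for `fh`; the admin socket path still runs `fcntl (fh_admin, F_SETFD, flags)` right after `fh_admin = -1` has been assigned for a bad descriptor. It should mirror the first case: `if ( (-1 != fh_admin) && (0 != fcntl (fh_admin, F_SETFD, flags)) )`. In both branches `flags |= FD_CLOEXEC` also runs when `F_GETFD` returned -1 for a reason other than `EBADF`, so `F_SETFD` is then called with a value derived from -1. Skipping the `F_SETFD` step whenever `-1 == flags` would cover that as well. main starts and ends outside the hunk.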
diff --git a/src/exchange/taler-exchange-httpd_db.c 
b/src/exchange/taler-exchange-httpd_db.c
index f2e1f7b..30bc33e 100644
--- a/src/exchange/taler-exchange-httpd_db.c
+++ b/src/exchange/taler-exchange-httpd_db.c
@@ -39,7 +39,7 @@
  * attempts to commit the transaction.  Upon soft failures,
  * retries @a cb a few times.  Upon hard or persistent soft
  * errors, generates an error message for @a connection.
- * 
+ *
  * @param connection MHD connection to run @a cb for
  * @param[out] set to MHD response code, if transaction failed
  * @param cb callback implementing transaction logic
@@ -68,13 +68,13 @@ TEH_DB_run_transaction (struct MHD_Connection *connection,
   {
     enum GNUNET_DB_QueryStatus qs;
 
-    if (GNUNET_OK !=                                            
-       TEH_plugin->start (TEH_plugin->cls,                     
-                          session))                            
-    {                                      
+    if (GNUNET_OK !=
+       TEH_plugin->start (TEH_plugin->cls,
+                          session))
+    {
       GNUNET_break (0);
       if (NULL != mhd_ret)
-       *mhd_ret = TEH_RESPONSE_reply_internal_db_error (connection, 
+       *mhd_ret = TEH_RESPONSE_reply_internal_db_error (connection,
                                                         
TALER_EC_DB_START_FAILED);
       return GNUNET_SYSERR;
     }
@@ -84,12 +84,12 @@ TEH_DB_run_transaction (struct MHD_Connection *connection,
             mhd_ret);
     if (0 > qs)
       TEH_plugin->rollback (TEH_plugin->cls,
-                           session);      
+                           session);
     if (GNUNET_DB_STATUS_HARD_ERROR == qs)
       return GNUNET_SYSERR;
     if (0 <= qs)
       qs = TEH_plugin->commit (TEH_plugin->cls,
-                              session);                              
+                              session);
     if (GNUNET_DB_STATUS_HARD_ERROR == qs)
     {
       if (NULL != mhd_ret)
@@ -132,8 +132,9 @@ TEH_DB_calculate_transaction_list_totals (struct 
TALER_EXCHANGEDB_TransactionLis
   struct TALER_EXCHANGEDB_TransactionList *pos;
   struct TALER_Amount refunded;
 
-  TALER_amount_get_zero (spent.currency,
-                         &refunded);
+  GNUNET_assert (GNUNET_OK ==
+                 TALER_amount_get_zero (spent.currency,
+                                        &refunded));
   for (pos = tl; NULL != pos; pos = pos->next)
   {
     switch (pos->type)
diff --git a/src/exchange/taler-exchange-httpd_payback.c 
b/src/exchange/taler-exchange-httpd_payback.c
index 8b4051c..d8e1dd8 100644
--- a/src/exchange/taler-exchange-httpd_payback.c
+++ b/src/exchange/taler-exchange-httpd_payback.c
@@ -115,7 +115,7 @@ struct PaybackContext
    * Details about the coin.
    */
   const struct TALER_CoinPublicInfo *coin;
-  
+
   /**
    * Key used to blind the coin.
    */
@@ -174,7 +174,7 @@ payback_transaction (void *cls,
   struct TALER_EXCHANGEDB_TransactionList *tl;
   struct TALER_Amount spent;
   enum GNUNET_DB_QueryStatus qs;
-  
+
   /* Check whether a payback is allowed, and if so, to which
      reserve / account the money should go */
   qs = TEH_plugin->get_reserve_by_h_blind (TEH_plugin->cls,
@@ -214,8 +214,9 @@ payback_transaction (void *cls,
     }
     return qs;
   }
-  TALER_amount_get_zero (pc->value.currency,
-                         &spent);
+  GNUNET_assert (GNUNET_OK ==
+                 TALER_amount_get_zero (pc->value.currency,
+                                        &spent));
   if (GNUNET_OK !=
       TEH_DB_calculate_transaction_list_totals (tl,
                                                &spent,
@@ -386,7 +387,7 @@ verify_and_execute_payback (struct MHD_Connection 
*connection,
                              &payback_transaction,
                              &pc))
     return mhd_ret;
-  
+
   return reply_payback_success (connection,
                                &coin->coin_pub,
                                &pc.reserve_pub,
diff --git a/src/exchange/taler-exchange-httpd_reserve_withdraw.c 
b/src/exchange/taler-exchange-httpd_reserve_withdraw.c
index 4dad473..c410cea 100644
--- a/src/exchange/taler-exchange-httpd_reserve_withdraw.c
+++ b/src/exchange/taler-exchange-httpd_reserve_withdraw.c
@@ -309,8 +309,9 @@ withdraw_transaction (void *cls,
   if (0 == (res & 2))
   {
     /* did not encounter any withdraw operations, set to zero */
-    TALER_amount_get_zero (deposit_total.currency,
-                           &withdraw_total);
+    GNUNET_assert (GNUNET_OK ==
+                   TALER_amount_get_zero (deposit_total.currency,
+                                          &withdraw_total));
   }
   /* All reserve balances should be non-negative */
   if (GNUNET_SYSERR ==
diff --git a/src/exchange/taler-exchange-httpd_responses.c 
b/src/exchange/taler-exchange-httpd_responses.c
index bde14d8..1b45a0c 100644
--- a/src/exchange/taler-exchange-httpd_responses.c
+++ b/src/exchange/taler-exchange-httpd_responses.c
@@ -718,6 +718,7 @@ TEH_RESPONSE_compile_reserve_history (const struct 
TALER_EXCHANGEDB_ReserveHisto
                               &deposit_total,
                               &pos->details.bank->amount))
         {
+          GNUNET_break (0);
           json_decref (json_history);
           return NULL;
         }
@@ -748,6 +749,7 @@ TEH_RESPONSE_compile_reserve_history (const struct 
TALER_EXCHANGEDB_ReserveHisto
                                &withdraw_total,
                                &value))
          {
+            GNUNET_break (0);
            json_decref (json_history);
            return NULL;
          }
@@ -782,6 +784,7 @@ TEH_RESPONSE_compile_reserve_history (const struct 
TALER_EXCHANGEDB_ReserveHisto
                                &deposit_total,
                                &payback->value))
          {
+            GNUNET_break (0);
            json_decref (json_history);
            return NULL;
          }
@@ -840,8 +843,14 @@ TEH_RESPONSE_compile_reserve_history (const struct 
TALER_EXCHANGEDB_ReserveHisto
        TALER_amount_hton (&rcc.closing_fee,
                           &pos->details.closing->closing_fee);
        rcc.reserve_pub = pos->details.closing->reserve_pub;
-       TALER_JSON_hash (pos->details.closing->receiver_account_details,
-                        &rcc.h_wire);
+       if (GNUNET_OK !=
+            TALER_JSON_hash (pos->details.closing->receiver_account_details,
+                             &rcc.h_wire))
+        {
+          GNUNET_break (0);
+          json_decref (json_history);
+          return NULL;
+        }
        rcc.wtid = pos->details.closing->wtid;
        TEH_KS_sign (&rcc.purpose,
                     &pub,
@@ -870,8 +879,9 @@ TEH_RESPONSE_compile_reserve_history (const struct 
TALER_EXCHANGEDB_ReserveHisto
   if (0 == (2 & ret))
   {
     /* did not encounter any withdraw operations, set to zero */
-    TALER_amount_get_zero (deposit_total.currency,
-                           &withdraw_total);
+    GNUNET_assert (GNUNET_OK ==
+                   TALER_amount_get_zero (deposit_total.currency,
+                                          &withdraw_total));
   }
   if (GNUNET_SYSERR ==
       TALER_amount_subtract (balance,
diff --git a/src/exchangedb/test_exchangedb.c b/src/exchangedb/test_exchangedb.c
index 6b89577..131771b 100644
--- a/src/exchangedb/test_exchangedb.c
+++ b/src/exchangedb/test_exchangedb.c
@@ -932,7 +932,9 @@ deposit_cb (void *cls,
 
   deposit_rowid = rowid;
   if (NULL != wire)
-    TALER_JSON_hash (wire, &h_wire);
+    GNUNET_assert (GNUNET_OK ==
+                   TALER_JSON_hash (wire,
+                                    &h_wire));
   if ( (0 != memcmp (merchant_pub,
                      &deposit->merchant_pub,
                      sizeof (struct TALER_MerchantPublicKeyP))) ||
@@ -1776,8 +1778,9 @@ run (void *cls)
   RND_BLK (&deposit.merchant_pub);
   RND_BLK (&deposit.h_contract_terms);
   wire = json_loads (json_wire_str, 0, NULL);
-  TALER_JSON_hash (wire,
-                   &deposit.h_wire);
+  GNUNET_assert (GNUNET_OK ==
+                 TALER_JSON_hash (wire,
+                                  &deposit.h_wire));
   deposit.receiver_wire_account = wire;
   deposit.amount_with_fee = value;
   deposit.deposit_fee = fee_deposit;
diff --git a/src/json/json.c b/src/json/json.c
index 74559e6..adcc231 100644
--- a/src/json/json.c
+++ b/src/json/json.c
@@ -40,7 +40,10 @@ TALER_JSON_hash (const json_t *json,
 
   if (NULL == (wire_enc = json_dumps (json,
                                       JSON_COMPACT | JSON_SORT_KEYS)))
+  {
+    GNUNET_break (0);
     return GNUNET_SYSERR;
+  }
   len = strlen (wire_enc) + 1;
   GNUNET_CRYPTO_hash (wire_enc,
                       len,
diff --git a/src/json/json_helper.c b/src/json/json_helper.c
index aea19ac..fec637b 100644
--- a/src/json/json_helper.c
+++ b/src/json/json_helper.c
@@ -152,8 +152,8 @@ TALER_JSON_spec_amount (const char *name,
  */
 static int
 parse_amount_nbo (void *cls,
-              json_t *root,
-              struct GNUNET_JSON_Specification *spec)
+                  json_t *root,
+                  struct GNUNET_JSON_Specification *spec)
 {
   struct TALER_AmountNBO *r_amount = spec->ptr;
   struct TALER_Amount amount;
diff --git a/src/util/amount.c b/src/util/amount.c
index e066485..33ba9a2 100644
--- a/src/util/amount.c
+++ b/src/util/amount.c
@@ -52,7 +52,7 @@ TALER_string_to_amount (const char *str,
           0,
           sizeof (struct TALER_Amount));
   /* skip leading whitespace */
-  while (isspace(str[0]))
+  while (isspace( (unsigned char) str[0]))
     str++;
   if ('\0' == str[0])
   {
diff --git a/src/wire/plugin_wire_sepa.c b/src/wire/plugin_wire_sepa.c
index 6300d82..5de3472 100644
--- a/src/wire/plugin_wire_sepa.c
+++ b/src/wire/plugin_wire_sepa.c
@@ -292,7 +292,10 @@ validate_iban (const char *iban)
 
   len = strlen (iban);
   if (len > 34)
+  {
+    GNUNET_break_op (0);
     return GNUNET_NO;
+  }
   strncpy (cc, iban, 2);
   strncpy (ibancpy, iban + 4, len - 4);
   strncpy (ibancpy + len - 4, iban, 4);
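Review bot: Only the upper bound of `len` is checked before `strncpy (ibancpy, iban + 4, len - 4)`. For an input shorter than four characters, `iban + 4` points past the terminator and `len - 4` is negative, or wraps to a huge count if `len` is unsigned (its declaration is outside the hunk). Since this function validates externally supplied account data, the guard should reject short strings too: `if ( (len < 4) || (len > 34) ) { GNUNET_break_op (0); return GNUNET_NO; }`. The `strncpy` calls do not terminate their destinations, so the buffers must be terminated or sized elsewhere, which is not visible here.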
@@ -305,11 +308,14 @@ validate_iban (const char *iban)
                sizeof (country_table) / sizeof (struct table_entry),
                sizeof (struct table_entry),
                &cmp_country_code))
+  {
+    GNUNET_break_op (0);
     return GNUNET_NO;
+  }
   nbuf = GNUNET_malloc ((len * 2) + 1);
   for (i=0, j=0; i < len; i++)
   {
-    if (isalpha ((int) ibancpy[i]))
+    if (isalpha ((unsigned char) ibancpy[i]))
     {
       if (2 != snprintf(&nbuf[j],
                         3,
@@ -326,7 +332,7 @@ validate_iban (const char *iban)
     j++;
   }
   for (j=0;'\0' != nbuf[j];j++)
-    GNUNET_assert (isdigit(nbuf[j]));
+    GNUNET_assert (isdigit( (unsigned char) nbuf[j]));
   GNUNET_assert (sizeof(dividend) >= 8);
   remainder = 0;
   for (i=0; i<j; i+=16)
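Review bot: `GNUNET_assert (isdigit( (unsigned char) nbuf[j]))` aborts the process when `nbuf` holds a non-digit. The loop that fills `nbuf` is only partly visible, but if characters that are neither letters nor digits (for example a space or dash in the IBAN) are copied through unchanged, malformed input terminates the process instead of being rejected. It would be more consistent with the other rejection paths in validate_iban to treat this as invalid input: `if (! isdigit ((unsigned char) nbuf[j])) { GNUNET_free (nbuf); GNUNET_break_op (0); return GNUNET_NO; }`.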
@@ -338,6 +344,7 @@ validate_iban (const char *iban)
                        &nread)))
     {
       GNUNET_free (nbuf);
+      GNUNET_break_op (0);
       return GNUNET_NO;
     }
     if (0 != remainder)
@@ -347,6 +354,7 @@ validate_iban (const char *iban)
   GNUNET_free (nbuf);
   if (1 == remainder)
     return GNUNET_YES;
+  GNUNET_break_op (0); /* checksum wrong */
   return GNUNET_NO;
 }
 

-- 
To stop receiving notification emails like this one, please contact
address@hidden


