[libeufin] branch master updated: Sanity checks for strings representing

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[libeufin] branch master updated: Sanity checks for strings representing

From:	gnunet
Subject:	[libeufin] branch master updated: Sanity checks for strings representing amounts.
Date:	Sat, 07 Aug 2021 15:33:01 +0200

This is an automated email from the git hooks/post-receive script.

ms pushed a commit to branch master
in repository libeufin.

The following commit(s) were added to refs/heads/master by this push:
     new 695c23c  Sanity checks for strings representing amounts.
695c23c is described below

commit 695c23c2b1a9ee05409fff3d74621393edce042b
Author: ms <ms@taler.net>
AuthorDate: Sat Aug 7 15:30:49 2021 +0200

    Sanity checks for strings representing amounts.
---
 .../src/main/kotlin/tech/libeufin/sandbox/Main.kt  | 14 ++++++++++++-
 .../kotlin/tech/libeufin/sandbox/bankAccount.kt    |  5 +++--
 sandbox/src/test/kotlin/BalanceTest.kt             | 23 ++++++++++++++++++++++
 util/src/main/kotlin/Errors.kt                     |  4 ++++
 util/src/main/kotlin/strings.kt                    | 11 +++++++++++
 5 files changed, 54 insertions(+), 3 deletions(-)

diff --git a/sandbox/src/main/kotlin/tech/libeufin/sandbox/Main.kt 
b/sandbox/src/main/kotlin/tech/libeufin/sandbox/Main.kt
index eaca560..08a1153 100644
--- a/sandbox/src/main/kotlin/tech/libeufin/sandbox/Main.kt
+++ b/sandbox/src/main/kotlin/tech/libeufin/sandbox/Main.kt
@@ -17,9 +17,9 @@
  * <http://www.gnu.org/licenses/>
  */
 
-
 package tech.libeufin.sandbox
 
+import UtilError
 import com.hubspot.jinjava.Jinjava
 import com.fasterxml.jackson.core.JsonParseException
 import io.ktor.application.ApplicationCallPipeline
@@ -324,6 +324,18 @@ fun serverMain(dbName: String, port: Int) {
                     )
                 )
             }
+            exception<UtilError> { cause ->
+                logger.error("Exception while handling '${call.request.uri}'", 
cause)
+                call.respond(
+                    cause.statusCode,
+                    SandboxErrorJson(
+                        error = SandboxErrorDetailJson(
+                            type = "util-error",
+                            description = cause.reason
+                        )
+                    )
+                )
+            }
             exception<Throwable> { cause ->
                 logger.error("Exception while handling '${call.request.uri}'", 
cause)
                 call.respondText("Internal server error.", 
ContentType.Text.Plain, HttpStatusCode.InternalServerError)
diff --git a/sandbox/src/main/kotlin/tech/libeufin/sandbox/bankAccount.kt 
b/sandbox/src/main/kotlin/tech/libeufin/sandbox/bankAccount.kt
index 6e7822e..0d81230 100644
--- a/sandbox/src/main/kotlin/tech/libeufin/sandbox/bankAccount.kt
+++ b/sandbox/src/main/kotlin/tech/libeufin/sandbox/bankAccount.kt
@@ -8,6 +8,7 @@ import org.slf4j.LoggerFactory
 import tech.libeufin.sandbox.BankAccountTransactionsTable.amount
 import tech.libeufin.util.RawPayment
 import tech.libeufin.util.importDateFromMillis
+import tech.libeufin.util.parseDecimal
 import tech.libeufin.util.toDashedDate
 
 private val logger: Logger = LoggerFactory.getLogger("tech.libeufin.sandbox")
@@ -19,13 +20,13 @@ fun balanceForAccount(iban: String): java.math.BigDecimal {
         BankAccountTransactionsTable.select {
             BankAccountTransactionsTable.creditorIban eq iban
         }.forEach {
-            val amount = java.math.BigDecimal(it[amount])
+            val amount = parseDecimal(it[amount])
             balance += amount
         }
         BankAccountTransactionsTable.select {
             BankAccountTransactionsTable.debtorIban eq iban
         }.forEach {
-            val amount = java.math.BigDecimal(it[amount])
+            val amount = parseDecimal(it[amount])
             balance -= amount
         }
     }
diff --git a/sandbox/src/test/kotlin/BalanceTest.kt 
b/sandbox/src/test/kotlin/BalanceTest.kt
index e875a62..98c0a64 100644
--- a/sandbox/src/test/kotlin/BalanceTest.kt
+++ b/sandbox/src/test/kotlin/BalanceTest.kt
@@ -65,7 +65,30 @@ class BalanceTest {
                     it[direction] = "DBIT"
                     it[accountServicerReference] = 
"test-account-servicer-reference"
                 }
+                BankAccountTransactionsTable.insert {
+                    it[account] = EntityID(0, BankAccountsTable)
+                    it[creditorIban] = "other"
+                    it[creditorBic] = "BIC"
+                    it[creditorName] = "Creditor Name"
+                    it[debtorIban] = "earns-bad-amount"
+                    it[debtorBic] = "BIC"
+                    it[debtorName] = "Debitor Name"
+                    it[subject] = "deal"
+                    it[amount] = "not a number"
+                    it[date] = LocalDateTime.now().millis()
+                    it[currency] = "EUR"
+                    it[pmtInfId] = "0"
+                    it[direction] = "DBIT"
+                    it[accountServicerReference] = 
"test-account-servicer-reference"
+                }
                 assert(java.math.BigDecimal.ONE == balanceForAccount("earns"))
+                try {
+                    balanceForAccount("earns-bad-amount")
+                } catch (e: UtilError) {
+                    return@transaction
+                }
+                // here the expected exception wasn't thrown.
+                assert(false)
             }
         }
     }
diff --git a/util/src/main/kotlin/Errors.kt b/util/src/main/kotlin/Errors.kt
index e99e8be..388ef18 100644
--- a/util/src/main/kotlin/Errors.kt
+++ b/util/src/main/kotlin/Errors.kt
@@ -1,3 +1,4 @@
+import io.ktor.http.*
 import kotlin.system.exitProcess
 
 /*
@@ -19,6 +20,9 @@ import kotlin.system.exitProcess
  * <http://www.gnu.org/licenses/>
  */
 
+data class UtilError(val statusCode: HttpStatusCode, val reason: String) :
+    Exception("$reason (HTTP status $statusCode)")
+
 /**
  * Helper function that wraps throwable code and
  * (1) prints the error message and (2) terminates
diff --git a/util/src/main/kotlin/strings.kt b/util/src/main/kotlin/strings.kt
index 30e502b..0028dde 100644
--- a/util/src/main/kotlin/strings.kt
+++ b/util/src/main/kotlin/strings.kt
@@ -19,8 +19,10 @@
 
 package tech.libeufin.util
 
+import UtilError
 import io.ktor.http.HttpStatusCode
 import java.math.BigInteger
+import java.math.BigDecimal
 import java.util.*
 
 fun ByteArray.toHexString() : String {
@@ -61,6 +63,7 @@ fun base64ToBytes(encoding: String): ByteArray {
     return Base64.getDecoder().decode(encoding)
 }
 
+// used mostly in RSA math, never as amount.
 fun BigInteger.toUnsignedHexString(): String {
     val signedValue = this.toByteArray()
     require(this.signum() > 0) { "number must be positive" }
@@ -96,6 +99,14 @@ data class AmountWithCurrency(
     val amount: Amount
 )
 
+fun parseDecimal(decimalStr: String): BigDecimal {
+    return try {
+        BigDecimal(decimalStr)
+    } catch (e: NumberFormatException) {
+        throw UtilError(HttpStatusCode.BadRequest, "Bad string amount given: 
$decimalStr")
+    }
+}
+
 fun parseAmount(amount: String): AmountWithCurrency {
     val match = Regex("([A-Z]+):([0-9]+(\\.[0-9]+)?)").find(amount) ?: throw
     EbicsProtocolError(HttpStatusCode.BadRequest, "invalid amount: $amount")

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.

[Prev in Thread]

Current Thread

[Next in Thread]

[libeufin] branch master updated: Sanity checks for strings representing amounts., gnunet <=

Prev by Date: [libeufin] branch master updated: debian: bump version
Next by Date: [taler-merchant] branch master updated: fix #6983: do not keep contract terms across transactions
Previous by thread: [libeufin] branch master updated: sandbox: do not compute balance, as implementation sometimes throws
Next by thread: [taler-merchant] branch master updated: fix #6983: do not keep contract terms across transactions
Index(es):
- Date
- Thread