author | MarcoFalke <*~=`'#}+{/-|&$^_@721217.xyz> | 2024-07-12 17:48:40 +0200 |
---|---|---|
committer | MarcoFalke <*~=`'#}+{/-|&$^_@721217.xyz> | 2024-07-12 17:48:26 +0200 |
commit | fab54db9f1d0e634f4a697480dbb87b87940dc5c (patch) | |
tree | 2a3bfd5015c0e410acb5c7ff92799bc02576d7b6 | |
parent | 4d6af61d879914a660e73db5c2f2e6c4d0aa8243 (diff) | |
download | bitcoin-fab54db9f1d0e634f4a697480dbb87b87940dc5c.tar.xz |
rest: Reject negative outpoint index in getutxos parsing
-rw-r--r-- | src/rest.cpp | 7 | ||||
-rwxr-xr-x | test/functional/interface_rest.py | 5 |
2 files changed, 8 insertions, 4 deletions
diff --git a/src/rest.cpp b/src/rest.cpp
index 4abbc4d2ca..185508d2c9 100644
--- a/src/rest.cpp
+++ b/src/rest.cpp
@@ -788,14 +788,15 @@ static bool rest_getutxos(const std::any& context, HTTPRequest* req, const std::
 for (size_t i = (fCheckMemPool) ? 1 : 0; i < uriParts.size(); i++)
 {
- int32_t nOutput;
 std::string strTxid = uriParts[i].substr(0, uriParts[i].find('-'));
 std::string strOutput = uriParts[i].substr(uriParts[i].find('-')+1);
+ auto output{ToIntegral<uint32_t>(strOutput)};
- if (!ParseInt32(strOutput, &nOutput) || !IsHex(strTxid))
+ if (!output || !IsHex(strTxid)) {
 return RESTERR(req, HTTP_BAD_REQUEST, "Parse error");
+ }
- vOutPoints.emplace_back(TxidFromString(strTxid), (uint32_t)nOutput);
+ vOutPoints.emplace_back(TxidFromString(strTxid), *output);
 }
 if (vOutPoints.size() > 0)
diff --git a/test/functional/interface_rest.py b/test/functional/interface_rest.py
index ae8d6b226d..aa201cb85b 100755
--- a/test/functional/interface_rest.py
+++ b/test/functional/interface_rest.py
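Review bot: The txid half of each `txid-n` part is still accepted on `IsHex(strTxid)` alone before it reaches `TxidFromString(strTxid)`, so the stricter parsing added in this loop covers only the index. If `IsHex` checks for hex digits but not for the 64-character length (its definition is not on this page), a truncated txid can still yield an outpoint instead of a parse error; the same holds for a part with no `-` at all, where `find` returns `npos` and both `substr` calls return the whole string. Consider `if (!output || strTxid.size() != 64 || !IsHex(strTxid)) {`. rest_getutxos begins and ends outside this hunk.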
@@ -201,10 +201,13 @@ class RESTTest (BitcoinTestFramework):
 json_obj = self.test_rest_request(f"/getutxos/checkmempool/{spending[0]}-{spending[1]}")
 assert_equal(len(json_obj['utxos']), 1)
- # Do some invalid requests
+ self.log.info("Check some invalid requests")
 self.test_rest_request("/getutxos", http_method='POST', req_type=ReqType.JSON, body='{"checkmempool', status=400, ret_type=RetType.OBJ)
 self.test_rest_request("/getutxos", http_method='POST', req_type=ReqType.BIN, body='{"checkmempool', status=400, ret_type=RetType.OBJ)
 self.test_rest_request("/getutxos/checkmempool", http_method='POST', req_type=ReqType.JSON, status=400, ret_type=RetType.OBJ)
+ self.test_rest_request(f"/getutxos/{spending[0]}_+1", ret_type=RetType.OBJ, status=400)
+ self.test_rest_request(f"/getutxos/{spending[0]}-+1", ret_type=RetType.OBJ, status=400)
+ self.test_rest_request(f"/getutxos/{spending[0]}--1", ret_type=RetType.OBJ, status=400)
 # Test limits
 long_uri = '/'.join([f"{txid}-{n_}" for n_ in range(20)])
|
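Review bot: The three added cases cover a wrong separator and signed indexes, but nothing pins the upper bound of the `uint32_t` parse this commit switches to. A request just past the 32-bit range, `self.test_rest_request(f"/getutxos/{spending[0]}-4294967296", ret_type=RetType.OBJ, status=400)`, and one with an empty index (`{spending[0]}-`) should both be rejected and would catch a regression to a wider or more lenient parser. The enclosing test method starts and ends outside this hunk.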