diff options
| author | Jeff Garzik <jgarzik@bitpay.com> | 2015-09-15 12:30:32 -0400 |
|---|---|---|
| committer | Jeff Garzik <jgarzik@bitpay.com> | 2015-09-15 12:30:32 -0400 |
| commit | 6f55cddf6be111d860f23f91e2bda7d88734a7c5 (patch) | |
| tree | a2f20bee75806edd21ff112eb95be7f3cc8adfe9 /src/qt/paymentserver.cpp | |
| parent | 3224936bedd8fe777b23d43c253abd2c0cd95d22 (diff) | |
| parent | be942def4baac40b1031ba26491a24a55e1a6a6c (diff) | |
| download | bitcoin-6f55cddf6be111d860f23f91e2bda7d88734a7c5.tar.xz | |
Merge pull request #5665
Diffstat (limited to 'src/qt/paymentserver.cpp')
| -rw-r--r-- | src/qt/paymentserver.cpp | 34 |
1 files changed, 20 insertions, 14 deletions
diff --git a/src/qt/paymentserver.cpp b/src/qt/paymentserver.cpp index 5cc4d00dbf..31a6d65a8d 100644 --- a/src/qt/paymentserver.cpp +++ b/src/qt/paymentserver.cpp @@ -509,12 +509,7 @@ bool PaymentServer::readPaymentRequestFromFile(const QString& filename, PaymentR } // BIP70 DoS protection - if (f.size() > BIP70_MAX_PAYMENTREQUEST_SIZE) { - qWarning() << QString("PaymentServer::%1: Payment request %2 is too large (%3 bytes, allowed %4 bytes).") - .arg(__func__) - .arg(filename) - .arg(f.size()) - .arg(BIP70_MAX_PAYMENTREQUEST_SIZE); + if (!verifySize(f.size())) { return false; } @@ -685,14 +680,13 @@ void PaymentServer::netRequestFinished(QNetworkReply* reply) reply->deleteLater(); // BIP70 DoS protection - if (reply->size() > BIP70_MAX_PAYMENTREQUEST_SIZE) { - QString msg = tr("Payment request %1 is too large (%2 bytes, allowed %3 bytes).") - .arg(reply->request().url().toString()) - .arg(reply->size()) - .arg(BIP70_MAX_PAYMENTREQUEST_SIZE); - - qWarning() << QString("PaymentServer::%1:").arg(__func__) << msg; - Q_EMIT message(tr("Payment request DoS protection"), msg, CClientUIInterface::MSG_ERROR); + if (!verifySize(reply->size())) { + Q_EMIT message(tr("Payment request rejected"), + tr("Payment request %1 is too large (%2 bytes, allowed %3 bytes).") + .arg(reply->request().url().toString()) + .arg(reply->size()) + .arg(BIP70_MAX_PAYMENTREQUEST_SIZE), + CClientUIInterface::MSG_ERROR); return; } @@ -790,6 +784,18 @@ bool PaymentServer::verifyExpired(const payments::PaymentDetails& requestDetails return fVerified; } +bool PaymentServer::verifySize(qint64 requestSize) +{ + bool fVerified = (requestSize <= BIP70_MAX_PAYMENTREQUEST_SIZE); + if (!fVerified) { + qWarning() << QString("PaymentServer::%1: Payment request too large (%2 bytes, allowed %3 bytes).") + .arg(__func__) + .arg(requestSize) + .arg(BIP70_MAX_PAYMENTREQUEST_SIZE); + } + return fVerified; +} + bool PaymentServer::verifyAmount(const CAmount& requestAmount) { bool fVerified = MoneyRange(requestAmount); |