[Qt] prevent amount overflow problem with payment requests

Bitcoin amounts are stored as uint64 in the protobuf messages (see paymentrequest.proto), but CAmount is defined as int64_t. Because of that we need to verify that single and accumulated amounts are in a valid range and no variable overflow has happened. - fixes #5624 (#5622) Thanks @SergioDemianLerner for reporting that issue and also supplying us with a possible solution. - add static verifyAmount() function to PaymentServer and move the logging on error into the function - also add a unit test to paymentservertests.cpp
author: Philip Kaufmann <phil.kaufmann@t-online.de> 2015-01-09 14:25:43 +0100
committer: Philip Kaufmann <phil.kaufmann@t-online.de> 2015-02-04 13:47:32 +0100
commit: a6516686dcf0b93dd0bcae304e74f9ac69cb305c (patch)
tree: 44d9394cf2c1ac085f2815c8b55f1539f9c2d3c7 /src/qt/paymentserver.h
parent: 31dedb463b0ce77364e516239bf1b9c7eed5b3b0 (diff)
download: bitcoin-a6516686dcf0b93dd0bcae304e74f9ac69cb305c.tar.xz
1 files changed, 2 insertions, 0 deletions
diff --git a/src/qt/paymentserver.h b/src/qt/paymentserver.h
index db5f44ff1d..6bf5ac2eea 100644
--- a/src/qt/paymentserver.h
+++ b/src/qt/paymentserver.h
@@ -95,6 +95,8 @@ public:
     static bool verifyNetwork(const payments::PaymentDetails& requestDetails);
     // Verify if the payment request is expired
     static bool verifyExpired(const payments::PaymentDetails& requestDetails);
+    // Verify the payment request amount is valid
+    static bool verifyAmount(const CAmount& requestAmount);
 
 signals:
     // Fired when a valid payment request is received
author	Philip Kaufmann <phil.kaufmann@t-online.de>	2015-01-09 14:25:43 +0100
committer	Philip Kaufmann <phil.kaufmann@t-online.de>	2015-02-04 13:47:32 +0100
commit	a6516686dcf0b93dd0bcae304e74f9ac69cb305c (patch)
tree	44d9394cf2c1ac085f2815c8b55f1539f9c2d3c7 /src/qt/paymentserver.h
parent	31dedb463b0ce77364e516239bf1b9c7eed5b3b0 (diff)
download	bitcoin-a6516686dcf0b93dd0bcae304e74f9ac69cb305c.tar.xz