diff options
author | pablomartin4btc <pablomartin4btc@gmail.com> | 2023-04-14 19:03:08 -0300 |
---|---|---|
committer | fanquake <fanquake@gmail.com> | 2023-04-18 11:43:59 +0100 |
commit | 3a26b19df25ca99a9a58ae5398f6f423ac074368 (patch) | |
tree | 69edd85ecd31e3487a409716f2ce16fb71a58947 /src/rest.cpp | |
parent | c40b1da2fd64bb10f120f85966b44f0d2bb315f8 (diff) | |
download | bitcoin-3a26b19df25ca99a9a58ae5398f6f423ac074368.tar.xz |
bugfix: rest: avoid segfault for invalid URI
`evhttp_uri_parse` can return a nullptr, for example when the URI
contains invalid characters (e.g. "%").
`GetQueryParameterFromUri` passes the output of `evhttp_uri_parse`
straight into `evhttp_uri_get_query`, which means that anyone calling
a REST endpoint in which query parameters are used (e.g. `rest_headers`)
can cause a segfault.
This bugfix is designed to be minimal and without additional behaviour change.
Github-Pull: #27468
Rebased-From: 11422cc5720c8d73a87600de8fe8abb156db80dc
Diffstat (limited to 'src/rest.cpp')
-rw-r--r-- | src/rest.cpp | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/src/rest.cpp b/src/rest.cpp index 7f00db2222..56b6fbd175 100644 --- a/src/rest.cpp +++ b/src/rest.cpp @@ -200,7 +200,11 @@ static bool rest_headers(const std::any& context, } else if (path.size() == 1) { // new path with query parameter: /rest/headers/<hash>?count=<count> hashStr = path[0]; - raw_count = req->GetQueryParameter("count").value_or("5"); + try { + raw_count = req->GetQueryParameter("count").value_or("5"); + } catch (const std::runtime_error& e) { + return RESTERR(req, HTTP_BAD_REQUEST, e.what()); + } } else { return RESTERR(req, HTTP_BAD_REQUEST, "Invalid URI format. Expected /rest/headers/<hash>.<ext>?count=<count>"); } @@ -369,7 +373,11 @@ static bool rest_filter_header(const std::any& context, HTTPRequest* req, const } else if (uri_parts.size() == 2) { // new path with query parameter: /rest/blockfilterheaders/<filtertype>/<blockhash>?count=<count> raw_blockhash = uri_parts[1]; - raw_count = req->GetQueryParameter("count").value_or("5"); + try { + raw_count = req->GetQueryParameter("count").value_or("5"); + } catch (const std::runtime_error& e) { + return RESTERR(req, HTTP_BAD_REQUEST, e.what()); + } } else { return RESTERR(req, HTTP_BAD_REQUEST, "Invalid URI format. Expected /rest/blockfilterheaders/<filtertype>/<blockhash>.<ext>?count=<count>"); } |