diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/httpserver.cpp | 3 | ||||
-rw-r--r-- | src/outputtype.cpp | 2 | ||||
-rw-r--r-- | src/rest.cpp | 12 | ||||
-rw-r--r-- | src/test/httpserver_tests.cpp | 4 | ||||
-rw-r--r-- | src/wallet/rpc/backup.cpp | 2 | ||||
-rw-r--r-- | src/wallet/rpc/wallet.cpp | 6 |
6 files changed, 21 insertions, 8 deletions
diff --git a/src/httpserver.cpp b/src/httpserver.cpp index e68436cc2c..fce15bf4df 100644 --- a/src/httpserver.cpp +++ b/src/httpserver.cpp @@ -652,6 +652,9 @@ std::optional<std::string> HTTPRequest::GetQueryParameter(const std::string& key std::optional<std::string> GetQueryParameterFromUri(const char* uri, const std::string& key) { evhttp_uri* uri_parsed{evhttp_uri_parse(uri)}; + if (!uri_parsed) { + throw std::runtime_error("URI parsing failed, it likely contained RFC 3986 invalid characters"); + } const char* query{evhttp_uri_get_query(uri_parsed)}; std::optional<std::string> result; diff --git a/src/outputtype.cpp b/src/outputtype.cpp index 9ab2902256..e95ec7f4d3 100644 --- a/src/outputtype.cpp +++ b/src/outputtype.cpp @@ -32,8 +32,6 @@ std::optional<OutputType> ParseOutputType(const std::string& type) return OutputType::BECH32; } else if (type == OUTPUT_TYPE_STRING_BECH32M) { return OutputType::BECH32M; - } else if (type == OUTPUT_TYPE_STRING_UNKNOWN) { - return OutputType::UNKNOWN; } return std::nullopt; } diff --git a/src/rest.cpp b/src/rest.cpp index 7f00db2222..56b6fbd175 100644 --- a/src/rest.cpp +++ b/src/rest.cpp @@ -200,7 +200,11 @@ static bool rest_headers(const std::any& context, } else if (path.size() == 1) { // new path with query parameter: /rest/headers/<hash>?count=<count> hashStr = path[0]; - raw_count = req->GetQueryParameter("count").value_or("5"); + try { + raw_count = req->GetQueryParameter("count").value_or("5"); + } catch (const std::runtime_error& e) { + return RESTERR(req, HTTP_BAD_REQUEST, e.what()); + } } else { return RESTERR(req, HTTP_BAD_REQUEST, "Invalid URI format. Expected /rest/headers/<hash>.<ext>?count=<count>"); } @@ -369,7 +373,11 @@ static bool rest_filter_header(const std::any& context, HTTPRequest* req, const } else if (uri_parts.size() == 2) { // new path with query parameter: /rest/blockfilterheaders/<filtertype>/<blockhash>?count=<count> raw_blockhash = uri_parts[1]; - raw_count = req->GetQueryParameter("count").value_or("5"); + try { + raw_count = req->GetQueryParameter("count").value_or("5"); + } catch (const std::runtime_error& e) { + return RESTERR(req, HTTP_BAD_REQUEST, e.what()); + } } else { return RESTERR(req, HTTP_BAD_REQUEST, "Invalid URI format. Expected /rest/blockfilterheaders/<filtertype>/<blockhash>.<ext>?count=<count>"); } diff --git a/src/test/httpserver_tests.cpp b/src/test/httpserver_tests.cpp index ee59ec6967..c95a777e80 100644 --- a/src/test/httpserver_tests.cpp +++ b/src/test/httpserver_tests.cpp @@ -34,5 +34,9 @@ BOOST_AUTO_TEST_CASE(test_query_parameters) // Invalid query string syntax is the same as not having parameters uri = "/rest/endpoint/someresource.json&p1=v1&p2=v2"; BOOST_CHECK(!GetQueryParameterFromUri(uri.c_str(), "p1").has_value()); + + // URI with invalid characters (%) raises a runtime error regardless of which query parameter is queried + uri = "/rest/endpoint/someresource.json&p1=v1&p2=v2%"; + BOOST_CHECK_EXCEPTION(GetQueryParameterFromUri(uri.c_str(), "p1"), std::runtime_error, HasReason("URI parsing failed, it likely contained RFC 3986 invalid characters")); } BOOST_AUTO_TEST_SUITE_END() diff --git a/src/wallet/rpc/backup.cpp b/src/wallet/rpc/backup.cpp index a971331a70..bebd47356a 100644 --- a/src/wallet/rpc/backup.cpp +++ b/src/wallet/rpc/backup.cpp @@ -1886,7 +1886,7 @@ RPCHelpMan restorewallet() RPCResult::Type::OBJ, "", "", { {RPCResult::Type::STR, "name", "The wallet name if restored successfully."}, - {RPCResult::Type::STR, "warning", "Warning message if wallet was not loaded cleanly."}, + {RPCResult::Type::STR, "warning", "Warning messages, if any, related to restoring the wallet. Multiple messages will be delimited by newlines."}, } }, RPCExamples{ diff --git a/src/wallet/rpc/wallet.cpp b/src/wallet/rpc/wallet.cpp index a2ae078343..dfa136e442 100644 --- a/src/wallet/rpc/wallet.cpp +++ b/src/wallet/rpc/wallet.cpp @@ -207,7 +207,7 @@ static RPCHelpMan loadwallet() RPCResult::Type::OBJ, "", "", { {RPCResult::Type::STR, "name", "The wallet name if loaded successfully."}, - {RPCResult::Type::STR, "warning", "Warning message if wallet was not loaded cleanly."}, + {RPCResult::Type::STR, "warning", "Warning messages, if any, related to loading the wallet. Multiple messages will be delimited by newlines."}, } }, RPCExamples{ @@ -327,7 +327,7 @@ static RPCHelpMan createwallet() RPCResult::Type::OBJ, "", "", { {RPCResult::Type::STR, "name", "The wallet name if created successfully. If the wallet was created using a full path, the wallet_name will be the full path."}, - {RPCResult::Type::STR, "warning", "Warning message if wallet was not loaded cleanly."}, + {RPCResult::Type::STR, "warning", "Warning messages, if any, related to creating the wallet. Multiple messages will be delimited by newlines."}, } }, RPCExamples{ @@ -414,7 +414,7 @@ static RPCHelpMan unloadwallet() {"load_on_startup", RPCArg::Type::BOOL, RPCArg::Optional::OMITTED_NAMED_ARG, "Save wallet name to persistent settings and load on startup. True to add wallet to startup list, false to remove, null to leave unchanged."}, }, RPCResult{RPCResult::Type::OBJ, "", "", { - {RPCResult::Type::STR, "warning", "Warning message if wallet was not unloaded cleanly."}, + {RPCResult::Type::STR, "warning", "Warning messages, if any, related to unloading the wallet. Multiple messages will be delimited by newlines."}, }}, RPCExamples{ HelpExampleCli("unloadwallet", "wallet_name") |