From 11590d39b9888403ead8354302e308eca139ba17 Mon Sep 17 00:00:00 2001
From: Alex Morcos <morcos@chaincode.com>
Date: Wed, 12 Jul 2017 14:42:57 -0400
Subject: Properly bound check conf_target in wallet RPC calls

---
 src/rpc/mining.cpp | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'src/rpc/mining.cpp')

diff --git a/src/rpc/mining.cpp b/src/rpc/mining.cpp
index 5dc468e111..b8c94d32ec 100644
--- a/src/rpc/mining.cpp
+++ b/src/rpc/mining.cpp
@@ -30,6 +30,16 @@
 
 #include <univalue.h>
 
+unsigned int ParseConfirmTarget(const UniValue& value)
+{
+    int target = value.get_int();
+    unsigned int max_target = ::feeEstimator.HighestTargetTracked(FeeEstimateHorizon::LONG_HALFLIFE);
+    if (target < 1 || (unsigned int)target > max_target) {
+        throw JSONRPCError(RPC_INVALID_PARAMETER, strprintf("Invalid conf_target, must be between %u - %u", 1, max_target));
+    }
+    return (unsigned int)target;
+}
+
 /**
  * Return average network hashes per second based on the last 'lookup' blocks,
  * or from the last difficulty change if 'lookup' is nonpositive.
-- 
cgit v1.2.3