author | Christian Grothoff <christian@grothoff.org> | 2020-03-01 13:31:46 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2020-03-01 13:31:46 +0100 |
commit | 1eb292fe1fa6e00df8758fc1c2e5ac93f341dc4e (patch) | |
tree | f50a78d26e7fd9a0241382ef4fcec4fe9baadbba /src/json | |
parent | 2906aeb45939efa0fb5b4ab85878eb2e86418933 (diff) |
check well-formedness of URI when signing, check return value of function for error
Diffstat (limited to 'src/json')
-rw-r--r-- | src/json/json_wire.c | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/src/json/json_wire.c b/src/json/json_wire.c
index 4fc4cfead..b0bb67503 100644
--- a/src/json/json_wire.c
+++ b/src/json/json_wire.c
@@ -392,7 +392,8 @@ TALER_JSON_merchant_wire_signature_hash (const json_t *wire_s,
 /**
- * Check the signature in @a wire_s.
+ * Check the signature in @a wire_s. Also performs rudimentary
+ * checks on the account data *if* supported.
 *
 * @param wire_s signed wire information of an exchange
 * @param master_pub master public key of the exchange
@@ -420,6 +421,7 @@ TALER_JSON_exchange_wire_signature_check (const json_t *wire_s,
 return GNUNET_SYSERR;
 }
+ /* Note: this check does nothing if this is not an IBAN */
 if (GNUNET_SYSERR == validate_payto_iban (payto_uri))
 {
 GNUNET_break_op (0);
@@ -436,7 +438,8 @@ TALER_JSON_exchange_wire_signature_check (const json_t *wire_s,
 * Create a signed wire statement for the given account.
 *
 * @param payto_uri account specification
- * @param master_priv private key to sign with, NULL to not sign
+ * @param master_priv private key to sign with
+ * @return NULL if @a payto_uri is malformed
 */
 json_t *
 TALER_JSON_exchange_wire_signature_make (const char *payto_uri,
@@ -445,6 +448,13 @@ TALER_JSON_exchange_wire_signature_make (const char *payto_uri,
 {
 struct TALER_MasterSignatureP master_sig;
+ /* Note: this check does nothing if this is not an IBAN */
+ if (GNUNET_SYSERR == validate_payto_iban (payto_uri))
+ {
+ GNUNET_break_op (0);
+ return NULL;
+ }
+
 TALER_exchange_wire_signature_make (payto_uri,
 master_priv,
 &master_sig);
 |
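Review bot: The doc comment for `TALER_JSON_exchange_wire_signature_make` (hunk at -436) no longer allows a NULL `master_priv`, but nothing visible in the body enforces that; the pointer is handed straight to `TALER_exchange_wire_signature_make`. If NULL is no longer acceptable, a guard at the top such as `GNUNET_assert (NULL != master_priv);` would make a stale caller fail clearly instead of somewhere inside the signing routine. The function body continues outside the hunks shown, so an existing check further down cannot be ruled out.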
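Review bot: The new early `return NULL;` in `TALER_JSON_exchange_wire_signature_make` (hunk at -445) is a failure mode that existing callers may not handle, and since the diffstat is limited to `src/json` no call site is visible here; each caller should test the result before packing or serialising it. The check also covers only IBAN accounts, as the added comment says, so a malformed payto URI of any other method is still signed, and the same limitation applies to the check in `TALER_JSON_exchange_wire_signature_check` (hunk at -420). The doc line would be more accurate as `@return NULL if @a payto_uri is a malformed IBAN payto URI; other payto methods are not validated`. `GNUNET_break_op` is, as far as I know, intended for violations caused by a remote peer, so if `payto_uri` comes from local configuration on the signing path, `GNUNET_break (0);` would describe the error better.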