aboutsummaryrefslogtreecommitdiff
path: root/src/mint/taler-mint-httpd_parsing.c
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2015-03-18 18:55:41 +0100
committerChristian Grothoff <christian@grothoff.org>2015-03-18 18:55:41 +0100
commit23bf1eee74bed73cf98264c247ab44df8dadfcd9 (patch)
tree3d7fcba4b6fb8a84b79585b4fa6ccdf0fff6ade4 /src/mint/taler-mint-httpd_parsing.c
parent08958c73e8ba6ad30e98a30968077cdf55bc86e8 (diff)
fix #3716: make sure amount-API offers proper checks against overflow and other issues
Diffstat (limited to 'src/mint/taler-mint-httpd_parsing.c')
-rw-r--r--src/mint/taler-mint-httpd_parsing.c14
1 files changed, 8 insertions, 6 deletions
diff --git a/src/mint/taler-mint-httpd_parsing.c b/src/mint/taler-mint-httpd_parsing.c
index 6c5f72b32..b8bc043ec 100644
--- a/src/mint/taler-mint-httpd_parsing.c
+++ b/src/mint/taler-mint-httpd_parsing.c
@@ -878,8 +878,10 @@ TALER_MINT_parse_amount_json (struct MHD_Connection *connection,
json_int_t value;
json_int_t fraction;
const char *currency;
- struct TALER_Amount a;
+ memset (amount,
+ 0,
+ sizeof (struct TALER_Amount));
if (-1 == json_unpack (f,
"{s:I, s:I, s:s}",
"value", &value,
@@ -897,7 +899,7 @@ TALER_MINT_parse_amount_json (struct MHD_Connection *connection,
}
if ( (value < 0) ||
(fraction < 0) ||
- (value > UINT32_MAX) ||
+ (value > UINT64_MAX) ||
(fraction > UINT32_MAX) )
{
LOG_WARNING ("Amount specified not in allowed range\n");
@@ -922,11 +924,11 @@ TALER_MINT_parse_amount_json (struct MHD_Connection *connection,
return GNUNET_SYSERR;
return GNUNET_NO;
}
- a.value = (uint32_t) value;
- a.fraction = (uint32_t) fraction;
+ amount->value = (uint64_t) value;
+ amount->fraction = (uint32_t) fraction;
GNUNET_assert (strlen (MINT_CURRENCY) < TALER_CURRENCY_LEN);
- strcpy (a.currency, MINT_CURRENCY);
- *amount = TALER_amount_normalize (a);
+ strcpy (amount->currency, MINT_CURRENCY);
+ TALER_amount_normalize (amount);
return GNUNET_OK;
}