diff options
| author | Christian Grothoff <christian@grothoff.org> | 2024-03-22 14:13:33 +0100 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2024-03-22 14:13:33 +0100 |
| commit | 2c9b6f560613623923304c9cdbc9ea6463f594f3 (patch) | |
| tree | 738eb9b386d709baa42631eb054668de8f689114 /src/lib | |
| parent | 6d41df4ffbc0d921aecb265ecb49b15df5c7178e (diff) | |
fix #8658
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/merchant_api_get_config.c | 61 |
1 files changed, 43 insertions, 18 deletions
diff --git a/src/lib/merchant_api_get_config.c b/src/lib/merchant_api_get_config.c index d75adab7..1aee6ed6 100644 --- a/src/lib/merchant_api_get_config.c +++ b/src/lib/merchant_api_get_config.c @@ -1,6 +1,6 @@ /* This file is part of TALER - Copyright (C) 2014-2023 Taler Systems SA + Copyright (C) 2014-2024 Taler Systems SA TALER is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software @@ -41,6 +41,15 @@ */ #define MERCHANT_PROTOCOL_AGE 1 +/** + * How many exchanges do we allow at most per merchant? + */ +#define MAX_EXCHANGES 1024 + +/** + * How many currency specs do we allow at most per merchant? + */ +#define MAX_CURRENCIES 1024 /** * @brief A handle for /config operations @@ -108,6 +117,7 @@ handle_config_finished (void *cls, const json_t *exchanges = NULL; struct TALER_MERCHANT_ExchangeConfigInfo *eci = NULL; unsigned int num_eci = 0; + unsigned int nspec; struct TALER_JSON_ProtocolVersion pv; struct GNUNET_JSON_Specification spec[] = { GNUNET_JSON_spec_object_const ("currencies", @@ -136,26 +146,42 @@ handle_config_finished (void *cls, GNUNET_break_op (0); cr.hr.http_status = 0; cr.hr.ec = TALER_EC_GENERIC_INVALID_RESPONSE; + break; } - else + cr.details.ok.compat = TALER_MERCHANT_VC_MATCH; + if (MERCHANT_PROTOCOL_CURRENT < pv.current) { - cr.details.ok.compat = TALER_MERCHANT_VC_MATCH; - if (MERCHANT_PROTOCOL_CURRENT < pv.current) - { - cr.details.ok.compat |= TALER_MERCHANT_VC_NEWER; - if (MERCHANT_PROTOCOL_CURRENT < pv.current - pv.age) - cr.details.ok.compat |= TALER_MERCHANT_VC_INCOMPATIBLE; - } - if (MERCHANT_PROTOCOL_CURRENT > pv.current) - { - cr.details.ok.compat |= TALER_MERCHANT_VC_OLDER; - if (MERCHANT_PROTOCOL_CURRENT - MERCHANT_PROTOCOL_AGE > pv.current) - cr.details.ok.compat |= TALER_MERCHANT_VC_INCOMPATIBLE; - } + cr.details.ok.compat |= TALER_MERCHANT_VC_NEWER; + if (MERCHANT_PROTOCOL_CURRENT < pv.current - pv.age) + cr.details.ok.compat |= TALER_MERCHANT_VC_INCOMPATIBLE; + } + if (MERCHANT_PROTOCOL_CURRENT > pv.current) + { + cr.details.ok.compat |= TALER_MERCHANT_VC_OLDER; + if (MERCHANT_PROTOCOL_CURRENT - MERCHANT_PROTOCOL_AGE > pv.current) + cr.details.ok.compat |= TALER_MERCHANT_VC_INCOMPATIBLE; + } + + nspec = (unsigned int) json_object_size (jcs); + if ( (nspec > MAX_CURRENCIES) || + (json_object_size (jcs) != (size_t) nspec) ) + { + GNUNET_break_op (0); + cr.hr.http_status = 0; + cr.hr.ec = TALER_EC_GENERIC_INVALID_RESPONSE; + break; } if (NULL != exchanges) { - num_eci = json_object_size (exchanges); + num_eci = (unsigned int) json_object_size (exchanges); + if ( (num_eci > MAX_EXCHANGES) || + (json_object_size (exchanges) != (size_t) num_eci) ) + { + GNUNET_break_op (0); + cr.hr.http_status = 0; + cr.hr.ec = TALER_EC_GENERIC_INVALID_RESPONSE; + break; + } eci = GNUNET_new_array (num_eci, struct TALER_MERCHANT_ExchangeConfigInfo); for (unsigned int i = 0; i<num_eci; i++) @@ -187,7 +213,6 @@ handle_config_finished (void *cls, } } { - unsigned int nspec = json_object_size (jcs); struct TALER_CurrencySpecification *cspecs; unsigned int off = 0; json_t *obj; @@ -197,7 +222,7 @@ handle_config_finished (void *cls, struct TALER_CurrencySpecification); cr.details.ok.num_cspecs = nspec; cr.details.ok.cspecs = cspecs; - cr.details.ok.num_exchanges = num_eci; + cr.details.ok.num_exchanges = (unsigned int) num_eci; cr.details.ok.exchanges = eci; json_object_foreach ((json_t *) jcs, curr, obj) { |