1 files changed, 81 insertions, 60 deletions

diff --git a/src/lib/merchant_api_get_kyc.c b/src/lib/merchant_api_get_kyc.c
index a9aabbe0..d2a819ea 100644
--- a/src/lib/merchant_api_get_kyc.c
+++ b/src/lib/merchant_api_get_kyc.c
@@ -32,6 +32,11 @@
 
 
 /**
+ * Maximum length of the KYC arrays supported.
+ */
+#define MAX_KYC 1024
+
+/**
  * Handle for a GET /kyc operation.
  */
 struct TALER_MERCHANT_KycGetHandle
@@ -79,72 +84,88 @@ parse_kyc (struct TALER_MERCHANT_KycGetHandle *kyc,
            const json_t *pends,
            const json_t *touts)
 {
-  unsigned int num_pends = json_array_size (pends);
-  unsigned int num_touts = json_array_size (touts);
-  struct TALER_MERCHANT_AccountKycRedirectDetail pending_kycs[GNUNET_NZL (
-                                                                num_pends)];
-  struct TALER_MERCHANT_ExchangeKycFailureDetail timeout_kycs[GNUNET_NZL (
-                                                                num_touts)];
-
-  memset (pending_kycs,
-          0,
-          sizeof (pending_kycs));
-  for (unsigned int i = 0; i<num_pends; i++)
+  unsigned int num_pends = (unsigned int) json_array_size (pends);
+  unsigned int num_touts = (unsigned int) json_array_size (touts);
+
+  if ( (json_array_size (pends) != (size_t)  num_pends) ||
+       (num_pends > MAX_KYC) )
   {
-    struct GNUNET_JSON_Specification spec[] = {
-      GNUNET_JSON_spec_mark_optional (
-        TALER_JSON_spec_web_url ("kyc_url",
-                                 &pending_kycs[i].kyc_url),
-        NULL),
-      TALER_JSON_spec_aml_decision ("aml_status",
-                                    &pending_kycs[i].aml_status),
-      TALER_JSON_spec_web_url ("exchange_url",
-                               &pending_kycs[i].exchange_url),
-      TALER_JSON_spec_payto_uri ("payto_uri",
-                                 &pending_kycs[i].payto_uri),
-      GNUNET_JSON_spec_end ()
-    };
-
-    if (GNUNET_OK !=
-        GNUNET_JSON_parse (json_array_get (pends,
-                                           i),
-                           spec,
-                           NULL, NULL))
-    {
-      GNUNET_break (0);
-      return GNUNET_SYSERR;
-    }
+    GNUNET_break (0);
+    return GNUNET_SYSERR;
+  }
+  if ( (json_array_size (touts) != (size_t)  num_touts) ||
+       (num_touts > MAX_KYC) )
+  {
+    GNUNET_break (0);
+    return GNUNET_SYSERR;
   }
-  for (unsigned int i = 0; i<num_touts; i++)
+
   {
-    uint32_t hs;
-    struct GNUNET_JSON_Specification spec[] = {
-      TALER_JSON_spec_web_url ("exchange_url",
-                               &timeout_kycs[i].exchange_url),
-      TALER_JSON_spec_ec ("exchange_code",
-                          &timeout_kycs[i].exchange_code),
-      GNUNET_JSON_spec_uint32 ("exchange_http_status",
-                               &hs),
-      GNUNET_JSON_spec_end ()
-    };
-
-    if (GNUNET_OK !=
-        GNUNET_JSON_parse (json_array_get (touts,
-                                           i),
-                           spec,
-                           NULL, NULL))
+    struct TALER_MERCHANT_AccountKycRedirectDetail pending_kycs[
+      GNUNET_NZL (num_pends)];
+    struct TALER_MERCHANT_ExchangeKycFailureDetail timeout_kycs[
+      GNUNET_NZL (num_touts)];
+
+    memset (pending_kycs,
+            0,
+            sizeof (pending_kycs));
+    for (unsigned int i = 0; i<num_pends; i++)
     {
-      GNUNET_break (0);
-      return GNUNET_SYSERR;
+      struct GNUNET_JSON_Specification spec[] = {
+        GNUNET_JSON_spec_mark_optional (
+          TALER_JSON_spec_web_url ("kyc_url",
+                                   &pending_kycs[i].kyc_url),
+          NULL),
+        TALER_JSON_spec_aml_decision ("aml_status",
+                                      &pending_kycs[i].aml_status),
+        TALER_JSON_spec_web_url ("exchange_url",
+                                 &pending_kycs[i].exchange_url),
+        TALER_JSON_spec_payto_uri ("payto_uri",
+                                   &pending_kycs[i].payto_uri),
+        GNUNET_JSON_spec_end ()
+      };
+
+      if (GNUNET_OK !=
+          GNUNET_JSON_parse (json_array_get (pends,
+                                             i),
+                             spec,
+                             NULL, NULL))
+      {
+        GNUNET_break (0);
+        return GNUNET_SYSERR;
+      }
     }
-    timeout_kycs[i].exchange_http_status = (unsigned int) hs;
+    for (unsigned int i = 0; i<num_touts; i++)
+    {
+      uint32_t hs;
+      struct GNUNET_JSON_Specification spec[] = {
+        TALER_JSON_spec_web_url ("exchange_url",
+                                 &timeout_kycs[i].exchange_url),
+        TALER_JSON_spec_ec ("exchange_code",
+                            &timeout_kycs[i].exchange_code),
+        GNUNET_JSON_spec_uint32 ("exchange_http_status",
+                                 &hs),
+        GNUNET_JSON_spec_end ()
+      };
+
+      if (GNUNET_OK !=
+          GNUNET_JSON_parse (json_array_get (touts,
+                                             i),
+                             spec,
+                             NULL, NULL))
+      {
+        GNUNET_break (0);
+        return GNUNET_SYSERR;
+      }
+      timeout_kycs[i].exchange_http_status = (unsigned int) hs;
+    }
+    kr->details.kyc_status.pending_kycs = pending_kycs;
+    kr->details.kyc_status.timeout_kycs = timeout_kycs;
+    kr->details.kyc_status.pending_kycs_length = num_pends;
+    kr->details.kyc_status.timeout_kycs_length = num_touts;
+    kyc->cb (kyc->cb_cls,
+             kr);
   }
-  kr->details.kyc_status.pending_kycs = pending_kycs;
-  kr->details.kyc_status.timeout_kycs = timeout_kycs;
-  kr->details.kyc_status.pending_kycs_length = num_pends;
-  kr->details.kyc_status.timeout_kycs_length = num_touts;
-  kyc->cb (kyc->cb_cls,
-           kr);
   return GNUNET_OK;
 }