implement more sanity checks

author: Christian Grothoff <grothoff@gnunet.org> 2023-10-13 08:50:25 +0200
committer: Christian Grothoff <grothoff@gnunet.org> 2023-10-13 08:50:25 +0200
commit: 4a8fb418d75b302ca578c5c1dec460ae9192112c (patch)
tree: 96f7a08b2b882bb0d20d44c9bd2cfc466cf5943f
parent: c55be23e812f4add56711e1589d7aa5c9474917c (diff)
download: exchange-4a8fb418d75b302ca578c5c1dec460ae9192112c.tar.gz
exchange-4a8fb418d75b302ca578c5c1dec460ae9192112c.tar.bz2
exchange-4a8fb418d75b302ca578c5c1dec460ae9192112c.zip
3 files changed, 79 insertions, 30 deletions
diff --git a/src/include/taler_util.h b/src/include/taler_util.h
index 4dcf6f8f8..5f70bf65e 100644
--- a/src/include/taler_util.h
+++ b/src/include/taler_util.h
@@ -305,6 +305,18 @@ TALER_CONFIG_currency_specs_to_json (
 
 
 /**
+ * Check that @a map contains a valid currency scale
+ * map that maps integers from [-12,24] to currency
+ * symbols given as strings.
+ *
+ * @param map map to check
+ * @return #GNUNET_OK if @a map is valid
+ */
+enum GNUNET_GenericReturnValue
+TALER_check_currency_scale_map (const json_t *map);
+
+
+/**
  * Allow user to specify an amount on the command line.
  *
  * @param shortName short name of the option
diff --git a/src/json/json_helper.c b/src/json/json_helper.c
index 99d8e5b50..6c960353d 100644
--- a/src/json/json_helper.c
+++ b/src/json/json_helper.c
@@ -192,6 +192,9 @@ parse_cspec (void *cls,
   unsigned int eline;
 
   (void) cls;
+  memset (r_cspec->currency,
+          0,
+          sizeof (r_cspec->currency));
   if (GNUNET_OK !=
       GNUNET_JSON_parse (root,
                          gspec,
@@ -218,13 +221,20 @@ parse_cspec (void *cls,
     GNUNET_break_op (0);
     return GNUNET_SYSERR;
   }
-  memset (r_cspec->currency,
-          0,
-          sizeof (r_cspec->currency));
-  /* FIXME: check currency consists only of legal characters! */
+  if (GNUNET_OK !=
+      TALER_check_currency (currency))
+  {
+    GNUNET_break_op (0);
+    return GNUNET_SYSERR;
+  }
   strcpy (r_cspec->currency,
           currency);
-  /* FIXME: check map is valid! */
+  if (GNUNET_OK !=
+      TALER_check_currency_scale_map (map))
+  {
+    GNUNET_break_op (0);
+    return GNUNET_SYSERR;
+  }
   r_cspec->name = GNUNET_strdup (name);
   r_cspec->decimal_separator = GNUNET_strdup (decimal_separator);
   r_cspec->map_alt_unit_names = json_incref ((json_t *) map);
diff --git a/src/util/config.c b/src/util/config.c
index d3804022b..7002a6d7c 100644
--- a/src/util/config.c
+++ b/src/util/config.c
@@ -392,36 +392,63 @@ parse_currencies_cb (void *cls,
       return;
     }
   }
-
+  if (GNUNET_OK !=
+      TALER_check_currency_scale_map (cspec->map_alt_unit_names))
   {
-    /* validate map only maps from decimal numbers to strings! */
-    const char *str;
-    json_t *val;
+    GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
+                               section,
+                               "ALT_UNIT_NAMES",
+                               "invalid map entry detected");
+    cpc->failure = true;
+    json_decref (cspec->map_alt_unit_names);
+    cspec->map_alt_unit_names = NULL;
+    return;
+  }
+}
+
+
+enum GNUNET_GenericReturnValue
+TALER_check_currency_scale_map (const json_t *map)
+{
+  /* validate map only maps from decimal numbers to strings! */
+  const char *str;
+  const json_t *val;
+  bool zf = false;
 
-    json_object_foreach (cspec->map_alt_unit_names, str, val)
+  if (! json_is_object (map))
+  {
+    GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+                "Object required for currency scale map\n");
+    return GNUNET_SYSERR;
+  }
+  json_object_foreach ((json_t *) map, str, val)
+  {
+    int idx;
+    char dummy;
+
+    if ( (1 != sscanf (str,
+                       "%d%c",
+                       &idx,
+                       &dummy)) ||
+         (idx < -12) ||
+         (idx > 24) ||
+         (! json_is_string (val) ) )
     {
-      int idx;
-      char dummy;
-
-      if ( (1 != sscanf (str,
-                         "%d%c",
-                         &idx,
-                         &dummy)) ||
-           (idx < -12) ||
-           (idx > 24) ||
-           (! json_is_string (val) ) )
-      {
-        GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
-                                   section,
-                                   "ALT_UNIT_NAMES",
-                                   "invalid map entry detected");
-        cpc->failure = true;
-        json_decref (cspec->map_alt_unit_names);
-        cspec->map_alt_unit_names = NULL;
-        return;
-      }
+      GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+                  "Invalid entry `%s' in currency scale map\n",
+                  str);
+      return GNUNET_SYSERR;
     }
+    if (0 == idx)
+      zf = true;
   }
+  if (! zf)
+  {
+    GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+                "Entry for 0 missing in currency scale map\n");
+    return GNUNET_SYSERR;
+  }
+  return GNUNET_OK;
 }
author	Christian Grothoff <grothoff@gnunet.org>	2023-10-13 08:50:25 +0200
committer	Christian Grothoff <grothoff@gnunet.org>	2023-10-13 08:50:25 +0200
commit	4a8fb418d75b302ca578c5c1dec460ae9192112c (patch)
tree	96f7a08b2b882bb0d20d44c9bd2cfc466cf5943f
parent	c55be23e812f4add56711e1589d7aa5c9474917c (diff)
download	exchange-4a8fb418d75b302ca578c5c1dec460ae9192112c.tar.gz exchange-4a8fb418d75b302ca578c5c1dec460ae9192112c.tar.bz2 exchange-4a8fb418d75b302ca578c5c1dec460ae9192112c.zip