summaryrefslogtreecommitdiff
path: root/src/exchange/taler-exchange-httpd_management_wire.c
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2021-01-06 15:52:12 +0100
committerChristian Grothoff <christian@grothoff.org>2021-01-06 15:52:12 +0100
commit73a9fe56eb2fd9c7126eeffa396998815112e2e5 (patch)
tree01adc81864e1e12e75ce2b8ff198865af32b8e19 /src/exchange/taler-exchange-httpd_management_wire.c
parent1f9121126395ac56bbccad4c1de60ca5c1c47983 (diff)
downloadexchange-73a9fe56eb2fd9c7126eeffa396998815112e2e5.tar.gz
exchange-73a9fe56eb2fd9c7126eeffa396998815112e2e5.tar.bz2
exchange-73a9fe56eb2fd9c7126eeffa396998815112e2e5.zip
add checks to ensure payto:// URI is well-formed to taler-exchange-offline, and taler-exchange-httpd where applicable (fixes #6675)
Diffstat (limited to 'src/exchange/taler-exchange-httpd_management_wire.c')
-rw-r--r--src/exchange/taler-exchange-httpd_management_wire.c17
1 files changed, 17 insertions, 0 deletions
diff --git a/src/exchange/taler-exchange-httpd_management_wire.c b/src/exchange/taler-exchange-httpd_management_wire.c
index 5454125f4..83c3bbede 100644
--- a/src/exchange/taler-exchange-httpd_management_wire.c
+++ b/src/exchange/taler-exchange-httpd_management_wire.c
@@ -195,6 +195,23 @@ TEH_handler_management_denominations_wire (
TALER_EC_EXCHANGE_MANAGEMENT_WIRE_DETAILS_SIGNATURE_INVALID,
NULL);
}
+ {
+ char *wire_method;
+
+ wire_method = TALER_payto_get_method (awc.payto_uri);
+ if (NULL == wire_method)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ "payto:// URI `%s' is malformed\n",
+ awc.payto_uri);
+ return TALER_MHD_reply_with_error (
+ connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_GENERIC_PARAMETER_MALFORMED,
+ "payto_uri");
+ }
+ GNUNET_free (wire_method);
+ }
qs = TEH_DB_run_transaction (connection,
"add wire",