summaryrefslogtreecommitdiff
path: root/src/wire
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2017-10-06 21:04:39 +0200
committerChristian Grothoff <christian@grothoff.org>2017-10-06 21:04:56 +0200
commit06f5621fbac43c59b15fa4ef9e0fe92b828cec5b (patch)
treebaed02234a701ca2beaed78ac6c0ff648ea6da39 /src/wire
parentdbab0c658734c14436a89bd7fc76b295cbcf5448 (diff)
downloadexchange-06f5621fbac43c59b15fa4ef9e0fe92b828cec5b.tar.gz
exchange-06f5621fbac43c59b15fa4ef9e0fe92b828cec5b.tar.bz2
exchange-06f5621fbac43c59b15fa4ef9e0fe92b828cec5b.zip
better logging if IBAN validation fails, also avoid potentially unbounded stack allocation
Diffstat (limited to 'src/wire')
-rw-r--r--src/wire/plugin_wire_sepa.c8
1 files changed, 8 insertions, 0 deletions
diff --git a/src/wire/plugin_wire_sepa.c b/src/wire/plugin_wire_sepa.c
index f0cef029f..5de3472b9 100644
--- a/src/wire/plugin_wire_sepa.c
+++ b/src/wire/plugin_wire_sepa.c
@@ -292,7 +292,10 @@ validate_iban (const char *iban)
len = strlen (iban);
if (len > 34)
+ {
+ GNUNET_break_op (0);
return GNUNET_NO;
+ }
strncpy (cc, iban, 2);
strncpy (ibancpy, iban + 4, len - 4);
strncpy (ibancpy + len - 4, iban, 4);
@@ -305,7 +308,10 @@ validate_iban (const char *iban)
sizeof (country_table) / sizeof (struct table_entry),
sizeof (struct table_entry),
&cmp_country_code))
+ {
+ GNUNET_break_op (0);
return GNUNET_NO;
+ }
nbuf = GNUNET_malloc ((len * 2) + 1);
for (i=0, j=0; i < len; i++)
{
@@ -338,6 +344,7 @@ validate_iban (const char *iban)
&nread)))
{
GNUNET_free (nbuf);
+ GNUNET_break_op (0);
return GNUNET_NO;
}
if (0 != remainder)
@@ -347,6 +354,7 @@ validate_iban (const char *iban)
GNUNET_free (nbuf);
if (1 == remainder)
return GNUNET_YES;
+ GNUNET_break_op (0); /* checksum wrong */
return GNUNET_NO;
}