diff options
| author | Christian Grothoff <christian@grothoff.org> | 2017-03-04 17:51:50 +0100 |
|---|---|---|
| committer | Christian Grothoff <christian@grothoff.org> | 2017-03-04 17:53:04 +0100 |
| commit | e3dcc27b680f25a2041781bbedc0219e05608bad (patch) | |
| tree | 88c456575dfc29948f14fbe841b27f85228c0ba2 /src | |
| parent | 6ab67a3a76ee5ce8f8dec910dae7da524f066d2a (diff) | |
| download | exchange-e3dcc27b680f25a2041781bbedc0219e05608bad.tar.gz exchange-e3dcc27b680f25a2041781bbedc0219e05608bad.tar.bz2 exchange-e3dcc27b680f25a2041781bbedc0219e05608bad.zip | |
implementing/fixing #4933: check total_amount matches aggregated transactions
Diffstat (limited to 'src')
| -rw-r--r-- | src/exchange-lib/exchange_api_track_transfer.c | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/src/exchange-lib/exchange_api_track_transfer.c b/src/exchange-lib/exchange_api_track_transfer.c index dff39eb29..92e846ce3 100644 --- a/src/exchange-lib/exchange_api_track_transfer.c +++ b/src/exchange-lib/exchange_api_track_transfer.c @@ -87,6 +87,7 @@ check_track_transfer_response_ok (struct TALER_EXCHANGE_TrackTransferHandle *wdh struct GNUNET_HashCode h_wire; struct GNUNET_TIME_Absolute exec_time; struct TALER_Amount total_amount; + struct TALER_Amount total_expected; struct TALER_Amount wire_fee; struct TALER_MerchantPublicKeyP merchant_pub; unsigned int num_details; @@ -112,6 +113,13 @@ check_track_transfer_response_ok (struct TALER_EXCHANGE_TrackTransferHandle *wdh GNUNET_break_op (0); return GNUNET_SYSERR; } + if (GNUNET_OK != + TALER_amount_get_zero (total_amount.currency, + &total_expected)) + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } num_details = json_array_size (details_j); { struct TALER_TrackTransferDetails details[num_details]; @@ -151,6 +159,20 @@ check_track_transfer_response_ok (struct TALER_EXCHANGE_TrackTransferHandle *wdh &detail->coin_value); TALER_amount_hton (&dd.deposit_fee, &detail->coin_fee); + if ( (GNUNET_OK != + TALER_amount_add (&total_expected, + &total_expected, + &detail->coin_value)) || + (GNUNET_OK != + TALER_amount_subtract (&total_expected, + &total_expected, + &detail->coin_fee)) ) + { + GNUNET_break_op (0); + GNUNET_CRYPTO_hash_context_abort (hash_context); + GNUNET_JSON_parse_free (spec); + return GNUNET_SYSERR; + } GNUNET_CRYPTO_hash_context_read (hash_context, &dd, sizeof (struct TALER_WireDepositDetailP)); @@ -182,6 +204,23 @@ check_track_transfer_response_ok (struct TALER_EXCHANGE_TrackTransferHandle *wdh GNUNET_JSON_parse_free (spec); return GNUNET_SYSERR; } + if (GNUNET_OK != + TALER_amount_subtract (&total_expected, + &total_expected, + &wire_fee)) + { + GNUNET_break_op (0); + GNUNET_JSON_parse_free (spec); + return GNUNET_SYSERR; + } + if (0 != + TALER_amount_cmp (&total_expected, + &total_amount)) + { + GNUNET_break_op (0); + GNUNET_JSON_parse_free (spec); + return GNUNET_SYSERR; + } wdh->cb (wdh->cb_cls, MHD_HTTP_OK, TALER_EC_NONE, |