From 6ba63aab8472aefe85f4b96dd7bab895a46a0889 Mon Sep 17 00:00:00 2001
From: Christian Grothoff <christian@grothoff.org>
Date: Wed, 18 Mar 2015 18:56:48 +0100
Subject: fix #3716: make sure amount-API offers proper checks against overflow
 and other issues

---
 src/mint/mint_db.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'src/mint/mint_db.c')

diff --git a/src/mint/mint_db.c b/src/mint/mint_db.c
index 556d32af2..6832cdac9 100644
--- a/src/mint/mint_db.c
+++ b/src/mint/mint_db.c
@@ -1092,7 +1092,11 @@ TALER_MINT_DB_insert_collectable_blindcoin (PGconn *db_conn,
   if (GNUNET_OK != TALER_MINT_DB_reserve_get (db_conn,
                                               &reserve))
     goto rollback;
-  reserve.balance = TALER_amount_subtract (reserve.balance, withdraw);
+  if (GNUNET_SYSERR ==
+      TALER_amount_subtract (&reserve.balance,
+                             &reserve.balance,
+                             &withdraw))
+    goto rollback;
   if (GNUNET_OK != reserves_update (db_conn, &reserve))
     goto rollback;
   if (GNUNET_OK == TALER_MINT_DB_commit (db_conn))
-- 
cgit v1.2.3