authorChristian Grothoff <christian@grothoff.org>2021-07-22 13:09:25 +0200
committerChristian Grothoff <christian@grothoff.org>2021-07-22 13:09:25 +0200
commit262940332979dfc3f0703ce12638abab8c63605c (patch)
tree7586dec59ec96a3d466b7483614d07e6b7e4d137 /src
parent365bdde11b4286a54bc41ec744c1540e768b2e75 (diff)
add more location checks
Diffstat (limited to 'src')
-rw-r--r--src/backend/taler-merchant-httpd_private-patch-instances-ID.c21
-rw-r--r--src/backend/taler-merchant-httpd_private-post-instances.c20
-rw-r--r--src/backend/taler-merchant-httpd_private-post-orders.c48
3 files changed, 72 insertions, 17 deletions
diff --git a/src/backend/taler-merchant-httpd_private-patch-instances-ID.c b/src/backend/taler-merchant-httpd_private-patch-instances-ID.c
index 8b0917e7..bafccb59 100644
--- a/src/backend/taler-merchant-httpd_private-patch-instances-ID.c
+++ b/src/backend/taler-merchant-httpd_private-patch-instances-ID.c
@@ -114,6 +114,27 @@ patch_instances_ID (struct TMH_MerchantInstance *mi,
TALER_EC_GENERIC_CURRENCY_MISMATCH,
NULL);
}
+
+ if (! TMH_location_object_valid (is.address))
+ {
+ GNUNET_break_op (0);
+ GNUNET_JSON_parse_free (spec);
+ return TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_GENERIC_PARAMETER_MALFORMED,
+ "address");
+ }
+
+ if (! TMH_location_object_valid (is.jurisdiction))
+ {
+ GNUNET_break_op (0);
+ GNUNET_JSON_parse_free (spec);
+ return TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_GENERIC_PARAMETER_MALFORMED,
+ "jurisdiction");
+ }
+
if (! TMH_payto_uri_array_valid (payto_uris))
return TALER_MHD_reply_with_error (connection,
MHD_HTTP_BAD_REQUEST,
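Review bot: Both new checks pass `is.address` and `is.jurisdiction` straight to `TMH_location_object_valid`, while the post-orders hunk of this commit guards its call with `NULL != delivery_location`; the post-instances hunk has the same unguarded pattern. Whether the parse spec makes these two fields mandatory is not visible here (patch_instances_ID starts and ends outside the hunk). Either state the precondition with a comment such as `/* address and jurisdiction are mandatory in spec, hence non-NULL here */` or add the same NULL guard. Separately, the `TMH_payto_uri_array_valid` branch directly below returns without `GNUNET_JSON_parse_free (spec);`, unlike the two new branches, so it appears to leak the parsed request if spec still holds references at that point.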
diff --git a/src/backend/taler-merchant-httpd_private-post-instances.c b/src/backend/taler-merchant-httpd_private-post-instances.c
index 4c5919e9..c6471571 100644
--- a/src/backend/taler-merchant-httpd_private-post-instances.c
+++ b/src/backend/taler-merchant-httpd_private-post-instances.c
@@ -230,6 +230,26 @@ TMH_private_post_instances (const struct TMH_RequestHandler *rh,
"id");
}
+ if (! TMH_location_object_valid (is.address))
+ {
+ GNUNET_break_op (0);
+ GNUNET_JSON_parse_free (spec);
+ return TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_GENERIC_PARAMETER_MALFORMED,
+ "address");
+ }
+
+ if (! TMH_location_object_valid (is.jurisdiction))
+ {
+ GNUNET_break_op (0);
+ GNUNET_JSON_parse_free (spec);
+ return TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_GENERIC_PARAMETER_MALFORMED,
+ "jurisdiction");
+ }
+
/* Check currency of client matches our own currency */
if ( (0 != strcasecmp (is.default_max_deposit_fee.currency,
TMH_currency)) ||
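Review bot: The twenty added lines here are a verbatim copy of the block this commit adds to patch_instances_ID, so the POST and PATCH handlers now carry two copies of the same validation and error reply. Moving the check of one location field and its `TALER_EC_GENERIC_PARAMETER_MALFORMED` reply into a shared static helper would stop the two handlers drifting apart when the validation rules change. If the duplication stays, a comment such as `/* keep in sync with patch_instances_ID() */` above the first check would at least record the coupling. TMH_private_post_instances continues outside the hunk.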
diff --git a/src/backend/taler-merchant-httpd_private-post-orders.c b/src/backend/taler-merchant-httpd_private-post-orders.c
index d4812715..172cb05c 100644
--- a/src/backend/taler-merchant-httpd_private-post-orders.c
+++ b/src/backend/taler-merchant-httpd_private-post-orders.c
@@ -1,6 +1,6 @@
/*
This file is part of TALER
- (C) 2014, 2015, 2016, 2018, 2020 Taler Systems SA
+ (C) 2014, 2015, 2016, 2018, 2020, 2021 Taler Systems SA
TALER is free software; you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
@@ -30,6 +30,7 @@
#include "taler-merchant-httpd_private-post-orders.h"
#include "taler-merchant-httpd_auditors.h"
#include "taler-merchant-httpd_exchanges.h"
+#include "taler-merchant-httpd_helper.h"
#include "taler-merchant-httpd_private-get-orders.h"
@@ -712,10 +713,10 @@ patch_order (struct MHD_Connection *connection,
&wire_fee_amortization)),
GNUNET_JSON_spec_mark_optional (
TALER_JSON_spec_absolute_time ("delivery_date",
- &delivery_date)),
+ &delivery_date)),
GNUNET_JSON_spec_mark_optional (
TALER_JSON_spec_relative_time ("auto_refund",
- &auto_refund)),
+ &auto_refund)),
GNUNET_JSON_spec_mark_optional (
GNUNET_JSON_spec_json ("delivery_location",
&delivery_location)),
@@ -864,7 +865,7 @@ patch_order (struct MHD_Connection *connection,
refund_deadline)));
}
if ((0 != delivery_date.abs_value_us) &&
- (delivery_date.abs_value_us < now.abs_value_us) )
+ (delivery_date.abs_value_us < now.abs_value_us) )
{
GNUNET_break_op (0);
return TALER_MHD_reply_with_error (
@@ -901,7 +902,8 @@ patch_order (struct MHD_Connection *connection,
GNUNET_assert (0 ==
json_object_set_new (order,
"wire_transfer_deadline",
- GNUNET_JSON_from_time_abs (wire_deadline)));
+ GNUNET_JSON_from_time_abs (
+ wire_deadline)));
}
if (wire_deadline.abs_value_us < refund_deadline.abs_value_us)
{
@@ -926,8 +928,8 @@ patch_order (struct MHD_Connection *connection,
else
{
if (0 !=
- strcasecmp (max_wire_fee.currency,
- TMH_currency))
+ strcasecmp (max_wire_fee.currency,
+ TMH_currency))
{
GNUNET_break_op (0);
return TALER_MHD_reply_with_error (
@@ -951,8 +953,8 @@ patch_order (struct MHD_Connection *connection,
else
{
if (0 !=
- strcasecmp (max_fee.currency,
- TMH_currency))
+ strcasecmp (max_fee.currency,
+ TMH_currency))
{
GNUNET_break_op (0);
return TALER_MHD_reply_with_error (
@@ -985,7 +987,7 @@ patch_order (struct MHD_Connection *connection,
GNUNET_free (url);
}
else if (('\0' == *merchant_base_url) ||
- ('/' != merchant_base_url[strlen(merchant_base_url) - 1]))
+ ('/' != merchant_base_url[strlen (merchant_base_url) - 1]))
{
GNUNET_break_op (0);
return TALER_MHD_reply_with_error (
@@ -994,7 +996,7 @@ patch_order (struct MHD_Connection *connection,
TALER_EC_MERCHANT_PRIVATE_POST_ORDERS_PROPOSAL_PARSE_ERROR,
"merchant_base_url is not valid");
}
-
+
/* Fill in merchant information if necessary */
if (NULL != jmerchant)
{
@@ -1005,8 +1007,8 @@ patch_order (struct MHD_Connection *connection,
TALER_EC_MERCHANT_PRIVATE_POST_ORDERS_PROPOSAL_PARSE_ERROR,
"'merchant' field already set, but must be provided by backend");
}
- jmerchant = json_pack("{s:s}",
- "name", settings->name);
+ jmerchant = json_pack ("{s:s}",
+ "name", settings->name);
GNUNET_assert (NULL != jmerchant);
{
json_t *loca;
@@ -1064,22 +1066,34 @@ patch_order (struct MHD_Connection *connection,
TALER_EC_GENERIC_JSON_INVALID,
"could not compute hash of order due to bogus forgettable fields");
}
+
+ if ( (NULL != delivery_location) &&
+ (! TMH_location_object_valid (delivery_location)) )
+ {
+ GNUNET_break_op (0);
+ GNUNET_JSON_parse_free (spec);
+ return TALER_MHD_reply_with_error (connection,
+ MHD_HTTP_BAD_REQUEST,
+ TALER_EC_GENERIC_PARAMETER_MALFORMED,
+ "delivery_location");
+ }
+
/* sanity check result */
{
struct GNUNET_HashCode h_control;
-
+
switch (TALER_JSON_contract_hash (order,
&h_control))
{
- case GNUNET_SYSERR:
+ case GNUNET_SYSERR:
GNUNET_break (0);
return TALER_MHD_reply_with_error (
connection,
MHD_HTTP_INTERNAL_SERVER_ERROR,
TALER_EC_GENERIC_FAILED_COMPUTE_JSON_HASH,
"could not compute hash of patched order");
-
- case GNUNET_NO:
+
+ case GNUNET_NO:
GNUNET_break_op (0);
return TALER_MHD_reply_with_error (
connection,
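Review bot: The new `delivery_location` branch is the only error return in this hunk that calls `GNUNET_JSON_parse_free (spec);`; the `GNUNET_SYSERR` and `GNUNET_NO` cases of the sanity check right below return without it. Since `delivery_location` is parsed with `GNUNET_JSON_spec_json` (see the earlier hunk of this file), spec presumably holds a reference that every early return has to drop, so those returns likely leak memory on each rejected request. The remaining returns of patch_order are outside the hunk and need the same look. The check also runs after the order has already been patched and hashed; placing `if ( (NULL != delivery_location) && (! TMH_location_object_valid (delivery_location)) )` right after parsing would reject malformed input before that work is done.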