exchange

commit 75cac8340a41c5d8b1057d31feeb7877c91a7839
parent ad36dff20edac284a957d70858481b5e5f940b85
Author: Christian Grothoff <christian@grothoff.org>
Date:   Sun, 29 Mar 2026 22:26:23 +0200

cap offset to INT64_MAX as required

Diffstat:
M
src/exchange/taler-exchange-httpd_get-aml-OFFICER_PUB-attributes-H_NORMALIZED_PAYTO.c
 | 
6
+++++-
M
src/lib/exchange_api_get-aml-OFFICER_PUB-attributes-H_NORMALIZED_PAYTO.c
 | 
7
++++++-
M
src/lib/exchange_api_get-aml-OFFICER_PUB-decisions.c
 | 
5
+++++
M
src/lib/exchange_api_get-aml-OFFICER_PUB-legitimizations.c
 | 
18
+++++++++++++-----

4 files changed, 29 insertions(+), 7 deletions(-)
diff --git a/src/exchange/taler-exchange-httpd_get-aml-OFFICER_PUB-attributes-H_NORMALIZED_PAYTO.c b/src/exchange/taler-exchange-httpd_get-aml-OFFICER_PUB-attributes-H_NORMALIZED_PAYTO.c
@@ -604,7 +604,11 @@ TEH_handler_aml_attributes_get (
   TALER_MHD_parse_request_number (rc->connection,
                                   "offset",
                                   &offset);
-
+  if (offset > INT64_MAX)
+  {
+    GNUNET_break_op (0); /* broken client */
+    offset = INT64_MAX;
+  }
   {
     enum GNUNET_DB_QueryStatus qs;
 
diff --git a/src/lib/exchange_api_get-aml-OFFICER_PUB-attributes-H_NORMALIZED_PAYTO.c b/src/lib/exchange_api_get-aml-OFFICER_PUB-attributes-H_NORMALIZED_PAYTO.c
@@ -312,7 +312,7 @@ TALER_EXCHANGE_get_aml_attributes_create (
   GNUNET_CRYPTO_eddsa_key_get_public (&officer_priv->eddsa_priv,
                                       &aagh->officer_pub.eddsa_pub);
   aagh->options.limit = -20;
-  aagh->options.offset = UINT64_MAX;
+  aagh->options.offset = INT64_MAX;
   return aagh;
 }
 
@@ -335,6 +335,11 @@ TALER_EXCHANGE_get_aml_attributes_set_options_ (
       aagh->options.limit = opt->details.limit;
       break;
     case TALER_EXCHANGE_GET_AML_ATTRIBUTES_OPTION_OFFSET:
+      if (opt->details.offset > INT64_MAX)
+      {
+        GNUNET_break (0);
+        return GNUNET_NO;
+      }
       aagh->options.offset = opt->details.offset;
       break;
     }
diff --git a/src/lib/exchange_api_get-aml-OFFICER_PUB-decisions.c b/src/lib/exchange_api_get-aml-OFFICER_PUB-decisions.c
@@ -564,6 +564,11 @@ TALER_EXCHANGE_get_aml_decisions_set_options_ (
       adgh->options.limit = opt->details.limit;
       break;
     case TALER_EXCHANGE_GET_AML_DECISIONS_OPTION_OFFSET:
+      if (opt->details.offset > INT64_MAX)
+      {
+        GNUNET_break (0);
+        return GNUNET_NO;
+      }
       adgh->options.offset = opt->details.offset;
       break;
     case TALER_EXCHANGE_GET_AML_DECISIONS_OPTION_H_PAYTO:
diff --git a/src/lib/exchange_api_get-aml-OFFICER_PUB-legitimizations.c b/src/lib/exchange_api_get-aml-OFFICER_PUB-legitimizations.c
@@ -334,21 +334,29 @@ TALER_EXCHANGE_get_aml_legitimizations_set_options_ (
 {
   for (unsigned int i = 0; i < num_options; i++)
   {
-    switch (options[i].option)
+    const struct TALER_EXCHANGE_GetAmlLegitimizationsOptionValue *opt = &options
+                                                                        [i];
+
+    switch (opt->option)
     {
     case TALER_EXCHANGE_GET_AML_LEGITIMIZATIONS_OPTION_END:
       return GNUNET_OK;
     case TALER_EXCHANGE_GET_AML_LEGITIMIZATIONS_OPTION_LIMIT:
-      algh->options.limit = options[i].details.limit;
+      algh->options.limit = opt->details.limit;
       break;
     case TALER_EXCHANGE_GET_AML_LEGITIMIZATIONS_OPTION_OFFSET:
-      algh->options.offset = options[i].details.offset;
+      if (opt->details.offset > INT64_MAX)
+      {
+        GNUNET_break (0);
+        return GNUNET_NO;
+      }
+      algh->options.offset = opt->details.offset;
       break;
     case TALER_EXCHANGE_GET_AML_LEGITIMIZATIONS_OPTION_H_PAYTO:
-      algh->options.h_payto = options[i].details.h_payto;
+      algh->options.h_payto = opt->details.h_payto;
       break;
     case TALER_EXCHANGE_GET_AML_LEGITIMIZATIONS_OPTION_ACTIVE:
-      algh->options.active = options[i].details.active;
+      algh->options.active = opt->details.active;
       break;
     default:
       GNUNET_break (0);