DragonX/dragonx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 2 Wiki Activity

[Qt] prevent amount overflow problem with payment requests

Browse Source 
Bitcoin amounts are stored as uint64 in the protobuf messages (see
paymentrequest.proto), but CAmount is defined as int64_t. Because
of that we need to verify that single and accumulated amounts are
in a valid range and no variable overflow has happened.

- fixes #5624 (#5622)

Thanks @SergioDemianLerner for reporting that issue and also supplying us
with a possible solution.

- add static verifyAmount() function to PaymentServer and move the logging
  on error into the function
- also add a unit test to paymentservertests.cpp
This commit is contained in:
Philip Kaufmann
2015-01-09 14:25:43 +01:00
parent 31dedb463b
commit a6516686dc
4 changed files with 69 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/qt/paymentserver.h
View File

@@ -95,6 +95,8 @@ public:
static bool verifyNetwork(const payments::PaymentDetails& requestDetails);
// Verify if the payment request is expired
static bool verifyExpired(const payments::PaymentDetails& requestDetails);
// Verify the payment request amount is valid
static bool verifyAmount(const CAmount& requestAmount);
signals:
// Fired when a valid payment request is received