dash/src/util/moneystr.cpp
MarcoFalke 67f1de4312 Merge #17753: util: Don't allow Base32/64-decoding or ParseMoney(…) on strings with embedded NUL characters. Add tests.
137c80d579502e329964d7d1028a9507d4667774 tests: Add tests for decoding/parsing of base32, base64 and money strings containing NUL characters (practicalswift)
a6fc26da55dea3b76bd89fbbca24ded170238674 util: Don't allow DecodeBase32(...) of strings with embedded NUL characters (practicalswift)
93cc18b0f6fa5fa8144079a4f51904d8b3087e94 util: Don't allow DecodeBase64(...) of strings with embedded NUL characters (practicalswift)
ccc53e43c5464058171d6291da861a88184b230e util: Don't allow ParseMoney(...) of strings with embedded NUL characters (practicalswift)

Pull request description:

  Don't allow Base32/64-decoding or `ParseMoney(…)` on strings with embedded `NUL` characters. Add tests.

  Added tests before:

  ```
  $ src/test/test_bitcoin
  Running 385 test cases...
  test/base32_tests.cpp(31): error: in "base32_tests/base32_testvectors":
      check failure == true has failed [false != true]
  test/base64_tests.cpp(31): error: in "base64_tests/base64_testvectors":
      check failure == true has failed [false != true]
  test/util_tests.cpp(1074): error: in "util_tests/util_ParseMoney":
      check !ParseMoney(std::string("\0-1", 3), ret) has failed
  test/util_tests.cpp(1076): error: in "util_tests/util_ParseMoney":
      check !ParseMoney(std::string("1\0", 2), ret) has failed

  *** 4 failures are detected in the test module "Bitcoin Core Test Suite"
  ```

  Added tests after:

  ```
  $ src/test/test_bitcoin
  Running 385 test cases...

  *** No errors detected
  ```

ACKs for top commit:
  laanwj:
    Code review ACK 137c80d579502e329964d7d1028a9507d4667774

Tree-SHA512: 9486a0d32b4cf686bf5a47a0778338ac571fa39c66ad6d6d6cede58ec798e87bb50a2f9b7fd79ecd1fef1ba284e4073c1b430110967073ff87bdbbde7cada447
2021-09-17 15:56:38 -04:00

82 lines
2.1 KiB
C++

// Copyright (c) 2009-2010 Satoshi Nakamoto
// Copyright (c) 2009-2015 The Bitcoin Core developers
// Distributed under the MIT software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
#include <util/moneystr.h>
#include <primitives/transaction.h>
#include <tinyformat.h>
#include <util/strencodings.h>
#include <util/string.h>
std::string FormatMoney(const CAmount& n)
{
// Note: not using straight sprintf here because we do NOT want
// localized number formatting.
int64_t n_abs = (n > 0 ? n : -n);
int64_t quotient = n_abs/COIN;
int64_t remainder = n_abs%COIN;
std::string str = strprintf("%d.%08d", quotient, remainder);
// Right-trim excess zeros before the decimal point:
int nTrim = 0;
for (int i = str.size()-1; (str[i] == '0' && IsDigit(str[i-2])); --i)
++nTrim;
if (nTrim)
str.erase(str.size()-nTrim, nTrim);
if (n < 0)
str.insert((unsigned int)0, 1, '-');
return str;
}
bool ParseMoney(const std::string& str, CAmount& nRet)
{
if (!ValidAsCString(str)) {
return false;
}
return ParseMoney(str.c_str(), nRet);
}
bool ParseMoney(const char* pszIn, CAmount& nRet)
{
std::string strWhole;
int64_t nUnits = 0;
const char* p = pszIn;
while (IsSpace(*p))
p++;
for (; *p; p++)
{
if (*p == '.')
{
p++;
int64_t nMult = COIN / 10;
while (IsDigit(*p) && (nMult > 0))
{
nUnits += nMult * (*p++ - '0');
nMult /= 10;
}
break;
}
if (IsSpace(*p))
break;
if (!IsDigit(*p))
return false;
strWhole.insert(strWhole.end(), *p);
}
for (; *p; p++)
if (!IsSpace(*p))
return false;
if (strWhole.size() > 10) // guard against 63 bit overflow
return false;
if (nUnits < 0 || nUnits > COIN)
return false;
int64_t nWhole = atoi64(strWhole);
CAmount nValue = nWhole*COIN + nUnits;
nRet = nValue;
return true;
}