highperfocused/bitcoin
1
0
Fork 0
mirror of https://github.com/bitcoin/bitcoin.git synced 2025-12-08 11:44:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

rest: Reject negative outpoint index in getutxos parsing

Browse Source
This commit is contained in:
MarcoFalke
2024-07-12 17:48:40 +02:00
parent 4d6af61d87
commit fab54db9f1
2 changed files with 8 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/rest.cpp
View File

@@ -788,14 +788,15 @@ static bool rest_getutxos(const std::any& context, HTTPRequest* req, const std::
for (size_t i = (fCheckMemPool) ? 1 : 0; i < uriParts.size(); i++)
{
int32_t nOutput;
std::string strTxid = uriParts[i].substr(0, uriParts[i].find('-'));
std::string strOutput = uriParts[i].substr(uriParts[i].find('-')+1);
auto output{ToIntegral<uint32_t>(strOutput)};
if (!ParseInt32(strOutput, &nOutput) || !IsHex(strTxid))
if (!output || !IsHex(strTxid)) {
return RESTERR(req, HTTP_BAD_REQUEST, "Parse error");
}
vOutPoints.emplace_back(TxidFromString(strTxid), (uint32_t)nOutput);
vOutPoints.emplace_back(TxidFromString(strTxid), *output);
}
if (vOutPoints.size() > 0)