Merge pull request #1610 from obscuren/address-check

xeth: added address hex check and length check
release/1.1.0
Jeffrey Wilcke 9 years ago
commit ac10c9352e
  1. 11
      xeth/xeth.go
  2. 26
      xeth/xeth_test.go

@ -20,8 +20,10 @@ package xeth
import (
"bytes"
"encoding/json"
"errors"
"fmt"
"math/big"
"regexp"
"sync"
"time"
@ -45,6 +47,7 @@ var (
defaultGasPrice = big.NewInt(10000000000000) //150000000000
defaultGas = big.NewInt(90000) //500000
dappStorePre = []byte("dapp-")
addrReg = regexp.MustCompile(`^(0x)?[a-fA-F0-9]{40}$`)
)
// byte will be inferred
@ -878,6 +881,10 @@ func (self *XEth) Sign(fromStr, hashStr string, didUnlock bool) (string, error)
return common.ToHex(sig), nil
}
func isAddress(addr string) bool {
return addrReg.MatchString(addr)
}
func (self *XEth) Transact(fromStr, toStr, nonceStr, valueStr, gasStr, gasPriceStr, codeStr string) (string, error) {
// this minimalistic recoding is enough (works for natspec.js)
@ -887,6 +894,10 @@ func (self *XEth) Transact(fromStr, toStr, nonceStr, valueStr, gasStr, gasPriceS
return "", err
}
if !isAddress(toStr) {
return "", errors.New("Invalid address")
}
var (
from = common.HexToAddress(fromStr)
to = common.HexToAddress(toStr)

@ -0,0 +1,26 @@
package xeth
import "testing"
func TestIsAddress(t *testing.T) {
for _, invalid := range []string{
"0x00",
"0xNN",
"0x00000000000000000000000000000000000000NN",
"0xAAar000000000000000000000000000000000000",
} {
if isAddress(invalid) {
t.Error("Expected", invalid, "to be invalid")
}
}
for _, valid := range []string{
"0x0000000000000000000000000000000000000000",
"0xAABBbbCCccff9900000000000000000000000000",
"AABBbbCCccff9900000000000000000000000000",
} {
if !isAddress(valid) {
t.Error("Expected", valid, "to be valid")
}
}
}
Loading…
Cancel
Save