rest: Reject truncated hex txid early in getutxos parsing

MarcoFalke · MarcoFalke · commit fa9077724507 · 2024-07-24T17:40:13.000+02:00
diff --git a/src/rest.cpp b/src/rest.cpp
@@ -792,13 +792,14 @@ static bool rest_getutxos(const std::any& context, HTTPRequest* req, const std::
             if (txid_out.size() != 2) {
                 return RESTERR(req, HTTP_BAD_REQUEST, "Parse error");
             }
+            auto txid{Txid::FromHex(txid_out.at(0))};
             auto output{ToIntegral<uint32_t>(txid_out.at(1))};
 
-            if (!output || !IsHex(txid_out.at(0))) {
+            if (!txid || !output) {
                 return RESTERR(req, HTTP_BAD_REQUEST, "Parse error");
             }
 
-            vOutPoints.emplace_back(TxidFromString(txid_out.at(0)), *output);
+            vOutPoints.emplace_back(*txid, *output);
         }
 
         if (vOutPoints.size() > 0)
diff --git a/test/functional/interface_rest.py b/test/functional/interface_rest.py
@@ -208,6 +208,8 @@ def run_test(self):
         self.test_rest_request(f"/getutxos/{spending[0]}_+1", ret_type=RetType.OBJ, status=400)
         self.test_rest_request(f"/getutxos/{spending[0]}-+1", ret_type=RetType.OBJ, status=400)
         self.test_rest_request(f"/getutxos/{spending[0]}--1", ret_type=RetType.OBJ, status=400)
+        self.test_rest_request(f"/getutxos/{spending[0]}aa-1234", ret_type=RetType.OBJ, status=400)
+        self.test_rest_request(f"/getutxos/aa-1234", ret_type=RetType.OBJ, status=400)
 
         # Test limits
         long_uri = '/'.join([f"{txid}-{n_}" for n_ in range(20)])

Original file line number	Diff line number	Diff line change
`@@ -792,13 +792,14 @@ static bool rest_getutxos(const std::any& context, HTTPRequest* req, const std::`
`792`	`792`	`if (txid_out.size() != 2) {`
`793`	`793`	`return RESTERR(req, HTTP_BAD_REQUEST, "Parse error");`
`794`	`794`	`}`
	`795`	`+ auto txid{Txid::FromHex(txid_out.at(0))};`
`795`	`796`	`auto output{ToIntegral<uint32_t>(txid_out.at(1))};`
`796`	`797`
`797`		`- if (!output \|\| !IsHex(txid_out.at(0))) {`
	`798`	`+ if (!txid \|\| !output) {`
`798`	`799`	`return RESTERR(req, HTTP_BAD_REQUEST, "Parse error");`
`799`	`800`	`}`
`800`	`801`
`801`		`- vOutPoints.emplace_back(TxidFromString(txid_out.at(0)), *output);`
	`802`	`+ vOutPoints.emplace_back(txid, output);`
`802`	`803`	`}`
`803`	`804`
`804`	`805`	`if (vOutPoints.size() > 0)`