Properly bound check conf_target in wallet RPC calls

morcos · morcos · commit 11590d39b988 · 2017-07-14T23:41:40.000-04:00
diff --git a/src/rpc/mining.cpp b/src/rpc/mining.cpp
@@ -30,6 +30,16 @@
 
 #include <univalue.h>
 
+unsigned int ParseConfirmTarget(const UniValue& value)
+{
+    int target = value.get_int();
+    unsigned int max_target = ::feeEstimator.HighestTargetTracked(FeeEstimateHorizon::LONG_HALFLIFE);
+    if (target < 1 || (unsigned int)target > max_target) {
+        throw JSONRPCError(RPC_INVALID_PARAMETER, strprintf("Invalid conf_target, must be between %u - %u", 1, max_target));
+    }
+    return (unsigned int)target;
+}
+
 /**
  * Return average network hashes per second based on the last 'lookup' blocks,
  * or from the last difficulty change if 'lookup' is nonpositive.
diff --git a/src/rpc/mining.h b/src/rpc/mining.h
@@ -12,4 +12,7 @@
 /** Generate blocks (mine) */
 UniValue generateBlocks(std::shared_ptr<CReserveScript> coinbaseScript, int nGenerate, uint64_t nMaxTries, bool keepScript);
 
+/** Check bounds on a command line confirm target */
+unsigned int ParseConfirmTarget(const UniValue& value);
+
 #endif
diff --git a/src/wallet/rpcwallet.cpp b/src/wallet/rpcwallet.cpp
@@ -460,7 +460,7 @@ UniValue sendtoaddress(const JSONRPCRequest& request)
     }
 
     if (request.params.size() > 6 && !request.params[6].isNull()) {
-        coin_control.m_confirm_target = request.params[6].get_int();
+        coin_control.m_confirm_target = ParseConfirmTarget(request.params[6]);
     }
 
     if (request.params.size() > 7 && !request.params[7].isNull()) {
@@ -981,7 +981,7 @@ UniValue sendmany(const JSONRPCRequest& request)
     }
 
     if (request.params.size() > 6 && !request.params[6].isNull()) {
-        coin_control.m_confirm_target = request.params[6].get_int();
+        coin_control.m_confirm_target = ParseConfirmTarget(request.params[6]);
     }
 
     if (request.params.size() > 7 && !request.params[7].isNull()) {
@@ -2795,7 +2795,7 @@ UniValue fundrawtransaction(const JSONRPCRequest& request)
             coinControl.signalRbf = options["replaceable"].get_bool();
         }
         if (options.exists("conf_target")) {
-            coinControl.m_confirm_target = options["conf_target"].get_int();
+            coinControl.m_confirm_target = ParseConfirmTarget(options["conf_target"]);
         }
         if (options.exists("estimate_mode")) {
             if (!FeeModeFromString(options["estimate_mode"].get_str(), coinControl.m_fee_mode)) {
@@ -2917,12 +2917,8 @@ UniValue bumpfee(const JSONRPCRequest& request)
 
         if (options.exists("confTarget") && options.exists("totalFee")) {
             throw JSONRPCError(RPC_INVALID_PARAMETER, "confTarget and totalFee options should not both be set. Please provide either a confirmation target for fee estimation or an explicit total fee for the transaction.");
-        } else if (options.exists("confTarget")) {
-            int target = options["confTarget"].get_int();
-            if (target <= 0) { // FIXME: Check upper bound too
-                throw JSONRPCError(RPC_INVALID_PARAMETER, "Invalid confTarget (cannot be <= 0)");
-            }
-            coin_control.m_confirm_target = target;
+        } else if (options.exists("confTarget")) { // TODO: alias this to conf_target
+            coin_control.m_confirm_target = ParseConfirmTarget(options["confTarget"]);
         } else if (options.exists("totalFee")) {
             totalFee = options["totalFee"].get_int64();
             if (totalFee <= 0) {

Original file line number	Diff line number	Diff line change
`@@ -460,7 +460,7 @@ UniValue sendtoaddress(const JSONRPCRequest& request)`
`460`	`460`	`}`
`461`	`461`
`462`	`462`	`if (request.params.size() > 6 && !request.params[6].isNull()) {`
`463`		`- coin_control.m_confirm_target = request.params[6].get_int();`
	`463`	`+ coin_control.m_confirm_target = ParseConfirmTarget(request.params[6]);`
`464`	`464`	`}`
`465`	`465`
`466`	`466`	`if (request.params.size() > 7 && !request.params[7].isNull()) {`
`@@ -981,7 +981,7 @@ UniValue sendmany(const JSONRPCRequest& request)`
`981`	`981`	`}`
`982`	`982`
`983`	`983`	`if (request.params.size() > 6 && !request.params[6].isNull()) {`
`984`		`- coin_control.m_confirm_target = request.params[6].get_int();`
	`984`	`+ coin_control.m_confirm_target = ParseConfirmTarget(request.params[6]);`
`985`	`985`	`}`
`986`	`986`
`987`	`987`	`if (request.params.size() > 7 && !request.params[7].isNull()) {`
`@@ -2795,7 +2795,7 @@ UniValue fundrawtransaction(const JSONRPCRequest& request)`
`2795`	`2795`	`coinControl.signalRbf = options["replaceable"].get_bool();`
`2796`	`2796`	`}`
`2797`	`2797`	`if (options.exists("conf_target")) {`
`2798`		`- coinControl.m_confirm_target = options["conf_target"].get_int();`
	`2798`	`+ coinControl.m_confirm_target = ParseConfirmTarget(options["conf_target"]);`
`2799`	`2799`	`}`
`2800`	`2800`	`if (options.exists("estimate_mode")) {`
`2801`	`2801`	`if (!FeeModeFromString(options["estimate_mode"].get_str(), coinControl.m_fee_mode)) {`
`@@ -2917,12 +2917,8 @@ UniValue bumpfee(const JSONRPCRequest& request)`
`2917`	`2917`
`2918`	`2918`	`if (options.exists("confTarget") && options.exists("totalFee")) {`
`2919`	`2919`	`throw JSONRPCError(RPC_INVALID_PARAMETER, "confTarget and totalFee options should not both be set. Please provide either a confirmation target for fee estimation or an explicit total fee for the transaction.");`
`2920`		`- } else if (options.exists("confTarget")) {`
`2921`		`- int target = options["confTarget"].get_int();`
`2922`		`- if (target <= 0) { // FIXME: Check upper bound too`
`2923`		`- throw JSONRPCError(RPC_INVALID_PARAMETER, "Invalid confTarget (cannot be <= 0)");`
`2924`		`- }`
`2925`		`- coin_control.m_confirm_target = target;`
	`2920`	`+ } else if (options.exists("confTarget")) { // TODO: alias this to conf_target`
	`2921`	`+ coin_control.m_confirm_target = ParseConfirmTarget(options["confTarget"]);`
`2926`	`2922`	`} else if (options.exists("totalFee")) {`
`2927`	`2923`	`totalFee = options["totalFee"].get_int64();`
`2928`	`2924`	`if (totalFee <= 0) {`