From 11b643dd83fa3e75d5aa3b4918c55065fa6dc4fa Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Mon, 30 Sep 2019 22:11:24 +0200 Subject: [PATCH] add test for wire transfer subject malformed --- contrib/auditor-report.tex.j2 | 22 ++++++++------- src/auditor/taler-wire-auditor.c | 25 ++++++++--------- src/auditor/test-auditor.sh | 48 +++++++++++++++++++++++++++++++- 3 files changed, 70 insertions(+), 25 deletions(-) diff --git a/contrib/auditor-report.tex.j2 b/contrib/auditor-report.tex.j2 index a5c2bec27..33aab79cf 100644 --- a/contrib/auditor-report.tex.j2 +++ b/contrib/auditor-report.tex.j2 @@ -687,6 +687,7 @@ translate into a financial loss (yet). \hline \hline {\bf Reserve} & {\bf Auditor} & {\bf Exchange} \endfoot + \hline \hline {\bf Total deltas} & {{ data.total_balance_summary_delta_plus}} & @@ -767,21 +768,23 @@ relate to outgoing wire transfers being malformed. This happens if the exchange somehow creates wire transfers with duplicate or malformed wire transfer subjects. +% Table generation tested by testcase #19 in test-auditor.sh + {% if wire.wire_format_inconsistencies|length() == 0 %} {\bf No wire format inconsistencies found.} {% else %} - \begin{longtable}{p{4.5cm}|r} - \multicolumn{3}{c}{ {\bf Row hash} } \\ - {\bf Diagnostic} & {\bf Amount} \\ + \begin{longtable}{p{6.5cm}|r} + \multicolumn{2}{c}{ {\bf Diagnostic} } \\ + {\bf Row (base32)} & {\bf Amount} \\ \hline \hline \endfirsthead - \multicolumn{3}{c}{ {\bf Row hash} } \\ - {\bf Diagnostic} & {\bf Amount} \\ + \multicolumn{2}{c}{ {\bf Diagnostic} } \\ + {\bf Row (base32)} & {\bf Amount} \\ \hline \hline \endhead \hline - \multicolumn{3}{c}{ {\bf Row hash} } \\ - {\bf Diagnostic} & {\bf Amount} \\ + \multicolumn{2}{c}{ {\bf Row (base32)} } \\ + {\bf Row (base32)} & {\bf Amount} \\ \endfoot \hline \hline @@ -791,10 +794,9 @@ with duplicate or malformed wire transfer subjects. \label{table:outgoing:wtid} \endlastfoot {% for item in wire.wire_format_inconsistencies %} - \multicolumn{3}{l}{ \tt \small \truncate{\textwidth}{ {{ item.wire_offset_hash }} } } \\ + \multicolumn{2}{l}{ \small \truncate{0.95\textwidth}{ {{ item.diagnostic }} } } \\ \nopagebreak - {{ item.diagnostic }} & - {{ item.amount }} \\ + { \tt \small \truncate{0.95\textwidth}{ {{ item.wire_offset }} } } & {{ item.amount }} \\ \hline {% endfor %} \end{longtable} {% endif %} diff --git a/src/auditor/taler-wire-auditor.c b/src/auditor/taler-wire-auditor.c index 85638fa76..fe6b66015 100644 --- a/src/auditor/taler-wire-auditor.c +++ b/src/auditor/taler-wire-auditor.c @@ -417,7 +417,7 @@ do_shutdown (void *cls) report_wire_out_inconsistencies, "total_wire_out_delta_plus", TALER_JSON_from_amount (&total_bad_amount_out_plus), - /* Tested in test-auditor.sh #11, #15 */ + /* Tested in test-auditor.sh #11, #15, #19 */ "total_wire_out_delta_minus", TALER_JSON_from_amount (&total_bad_amount_out_minus), /* Tested in test-auditor.sh #2 */ @@ -442,8 +442,10 @@ do_shutdown (void *cls) "row_minor_inconsistencies", report_row_minor_inconsistencies, /* block */ + /* Tested in test-auditor.sh #19 */ "total_wire_format_amount", TALER_JSON_from_amount (&total_wire_format_amount), + /* Tested in test-auditor.sh #19 */ "wire_format_inconsistencies", report_wire_format_inconsistencies, "total_amount_lag", @@ -910,7 +912,7 @@ wire_out_cb (void *cls, } } - cleanup: +cleanup: GNUNET_assert (GNUNET_OK == free_roi (NULL, &key, @@ -1032,7 +1034,6 @@ history_debit_cb (void *cls, { struct WireAccount *wa = cls; struct ReserveOutInfo *roi; - struct GNUNET_HashCode rowh; if (TALER_BANK_DIRECTION_NONE == dir) { @@ -1056,11 +1057,8 @@ history_debit_cb (void *cls, { char *diagnostic; - GNUNET_CRYPTO_hash (row_off, - row_off_size, - &rowh); GNUNET_asprintf (&diagnostic, - "malformed subject `%8s...'", + "malformed subject `%s'", details->wtid_s); GNUNET_break (GNUNET_OK == TALER_amount_add (&total_wire_format_amount, @@ -1069,7 +1067,8 @@ history_debit_cb (void *cls, report (report_wire_format_inconsistencies, json_pack ("{s:o, s:o, s:s}", "amount", TALER_JSON_from_amount (&details->amount), - "wire_offset_hash", GNUNET_JSON_from_data_auto (&rowh), + "wire_offset", GNUNET_JSON_from_data (row_off, + row_off_size), "diagnostic", diagnostic)); GNUNET_free (diagnostic); return GNUNET_OK; @@ -1109,11 +1108,8 @@ history_debit_cb (void *cls, { char *diagnostic; - GNUNET_CRYPTO_hash (row_off, - row_off_size, - &rowh); GNUNET_asprintf (&diagnostic, - "duplicate subject hash `%8s...'", + "duplicate subject hash `%s'", TALER_B2S (&roi->subject_hash)); GNUNET_break (GNUNET_OK == TALER_amount_add (&total_wire_format_amount, @@ -1122,7 +1118,8 @@ history_debit_cb (void *cls, report (report_wire_format_inconsistencies, json_pack ("{s:o, s:o, s:s}", "amount", TALER_JSON_from_amount (&details->amount), - "wire_offset_hash", GNUNET_JSON_from_data_auto (&rowh), + "wire_offset", GNUNET_JSON_from_data (row_off, + row_off_size), "diagnostic", diagnostic)); GNUNET_free (diagnostic); return GNUNET_OK; @@ -1542,7 +1539,7 @@ history_credit_cb (void *cls, row_off_size), "diagnostic", "execution date missmatch")); } - cleanup: +cleanup: GNUNET_assert (GNUNET_OK == free_rii (NULL, &key, diff --git a/src/auditor/test-auditor.sh b/src/auditor/test-auditor.sh index f2edf8299..d7d5b6e16 100755 --- a/src/auditor/test-auditor.sh +++ b/src/auditor/test-auditor.sh @@ -1023,7 +1023,6 @@ fi echo PASS - # cannot easily undo broad DELETE operation, hence full reload echo -n "Reloading database ..." full_reload @@ -1032,6 +1031,53 @@ echo "DONE" +# Test where outgoing wire transfer subject is malformed +function test_19() { +echo "===========19: outgoing wire subject malformed=================" + +# Need to first run the aggregator so the outgoing transfer exists +pre_audit aggregator + +# Generate mal-formed wire transfer subject +SUBJECT=YDVD2XBQT62553Z2TX8MM +# Account #2 = exchange, pick outgoing transfer +OLD_SUBJECT=`echo "SELECT subject FROM app_banktransaction WHERE debit_account_id=2;" | psql $DB -Aqt` +echo "UPDATE app_banktransaction SET subject='${SUBJECT}' WHERE debit_account_id=2;" | psql -Aqt $DB + +audit_only +post_audit + + +echo -n "Testing wire transfer subject malformed detection... " + +DIAGNOSTIC=`jq -r .wire_format_inconsistencies[0].diagnostic < test-wire-audit.json` +WANT="malformed subject \`${SUBJECT}'" +if test "x$DIAGNOSTIC" != "x$WANT" +then + exit_fail "Reported diagnostic: $DIAGNOSTIC, wanted $WANT" +fi +jq -e .wire_out_amount_inconsistencies[0] < test-wire-audit.json > /dev/null || exit_fail "Falsly claimed wire transfer not detected" + +DELTA=`jq -r .total_wire_out_delta_minus < test-wire-audit.json` +if test $DELTA == "TESTKUDOS:0" +then + exit_fail "Expected total wire delta minus wrong, got $DELTA" +fi +DELTA=`jq -r .total_wire_format_amount < test-wire-audit.json` +if test $DELTA == "TESTKUDOS:0" +then + exit_fail "Expected total format amount wrong, got $DELTA" +fi + +echo "PASS" + +# Undo +echo "UPDATE app_banktransaction SET subject='${OLD_SUBJECT}' WHERE debit_account_id=2;" | psql -Aqt $DB +} + + + + # ************************************************** # FIXME: Add more tests here! :-) # Specifically: