From 383f3eb850a2b557c3ae69e791e08420817d78b8 Mon Sep 17 00:00:00 2001
From: Christian Grothoff
Date: Mon, 28 Sep 2015 22:56:20 +0200
Subject: [PATCH] properly check contract hash, instead of just computing it twice
---
 src/mint/taler-mint-httpd_deposit.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/src/mint/taler-mint-httpd_deposit.c b/src/mint/taler-mint-httpd_deposit.c
index 39696f475..f62e9ed3c 100644
--- a/src/mint/taler-mint-httpd_deposit.c
+++ b/src/mint/taler-mint-httpd_deposit.c
@@ -136,6 +136,7 @@ parse_and_handle_deposit_request (struct MHD_Connection *connection,
 struct TALER_MINTDB_Deposit deposit;
 struct TALER_MINTDB_DenominationKeyIssueInformation *dki;
 struct TMH_KS_StateHandle *ks;
+ struct GNUNET_HashCode my_h_wire;
 struct TMH_PARSE_FieldSpecification spec[] = {
 TMH_PARSE_member_denomination_public_key ("denom_pub", &deposit.coin.denom_pub),
 TMH_PARSE_member_denomination_signature ("ub_sig", &deposit.coin.denom_sig),
@@ -169,13 +170,22 @@ parse_and_handle_deposit_request (struct MHD_Connection *connection,
 }
 if (GNUNET_OK !=
 TALER_hash_json (wire,
- &deposit.h_wire))
+ &my_h_wire))
 {
 TALER_LOG_WARNING ("Failed to parse JSON wire format specification for /deposit request\n");
 TMH_PARSE_release_data (spec);
 return TMH_RESPONSE_reply_arg_invalid (connection,
 "wire");
 }
+ if (0 != memcmp (&deposit.h_wire,
+ &my_h_wire,
+ sizeof (struct GNUNET_HashCode)))
+ {
+ /* Client hashed contract differently than we did, reject */
+ TMH_PARSE_release_data (spec);
+ return TMH_RESPONSE_reply_arg_invalid (connection,
+ "H_wire");
+ }
 ks = TMH_KS_acquire ();
 dki = TMH_KS_denomination_key_lookup (ks,
 &deposit.coin.denom_pub,
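Review bot: The new mismatch branch after `TALER_hash_json` rejects the request without logging, while the parse-failure branch just above it emits a warning; a client-supplied `H_wire` that disagrees with the hash of the submitted `wire` object deserves a log line, e.g. `TALER_LOG_WARNING ("H_wire in /deposit request does not match hash of wire details\n");` before `TMH_PARSE_release_data (spec);`. The comment in that branch says "contract", but the value compared is the hash of the wire details, so `/* Client's H_wire differs from our hash of the wire details, reject */` would be more accurate. The check also depends on `deposit.h_wire` having been filled from the request by an entry in `spec[]` that lies outside this hunk; if no such entry exists, the `memcmp` reads an uninitialised field, so that is worth confirming. The body of `parse_and_handle_deposit_request` starts and ends outside the hunk.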