if reserve history computation reveals database inconsistency, do not abort but return proper error code

2016-11-17 15:33:31 +01:00 · 2016-11-17 15:33:31 +01:00 · bb7c58921e
commit bb7c58921e
parent f8eb77927f
2 changed files with 65 additions and 50 deletions
--- a/src/exchange/taler-exchange-httpd_db.c
+++ b/src/exchange/taler-exchange-httpd_db.c
@ -748,10 +748,17 @@ execute_reserve_withdraw_transaction (struct MHD_Connection *connection,
                           &withdraw_total);
  }
  /* All reserve balances should be non-negative */
-  GNUNET_assert (GNUNET_SYSERR !=
+  if (GNUNET_SYSERR ==
      TALER_amount_subtract (&balance,
                             &deposit_total,
-                                        &withdraw_total));
+                             &withdraw_total))
+  {
+    GNUNET_break (0); /* database inconsistent */
+    TEH_plugin->rollback (TEH_plugin->cls,
+                          session);
+    return TEH_RESPONSE_reply_internal_db_error (connection,
+                                                 TALER_EC_WITHDRAW_RESERVE_HISTORY_IMPOSSIBLE);
+  }
  if (0 < TALER_amount_cmp (&amount_required,
                            &balance))
  {
--- a/src/include/taler_error_codes.h
+++ b/src/include/taler_error_codes.h
@ -232,6 +232,14 @@ enum TALER_ErrorCode
   */
  TALER_EC_WITHDRAW_HISTORY_DB_ERROR_INSUFFICIENT_FUNDS = 1112,

+  /**
+   * When computing the reserve history, we ended up with a negative
+   * overall balance, which should be impossible.
+   * This response is provided with HTTP status code
+   * MHD_HTTP_INTERNAL_SERVER_ERROR.
+   */
+  TALER_EC_WITHDRAW_RESERVE_HISTORY_IMPOSSIBLE = 1113,
+
  /**
   * The exchange failed to obtain the transaction history of the
   * given reserve from the database.