
[taler-merchant] branch master updated: fix more size_t / unsigned int c


From: gnunet
Subject: [taler-merchant] branch master updated: fix more size_t / unsigned int confusions in merchant backend
Date: Fri, 22 Mar 2024 14:46:18 +0100

This is an automated email from the git hooks/post-receive script.

grothoff pushed a commit to branch master
in repository merchant.

The following commit(s) were added to refs/heads/master by this push:
     new 8025a725 fix more size_t / unsigned int confusions in merchant backend
8025a725 is described below

commit 8025a725eee08ddc404c1ffe6b9fbe6e61a4aa37
Author: Christian Grothoff <christian@grothoff.org>
AuthorDate: Fri Mar 22 14:46:14 2024 +0100

    fix more size_t / unsigned int confusions in merchant backend
---
 src/backend/taler-merchant-httpd_helper.c          |  4 +--
 .../taler-merchant-httpd_post-orders-ID-abort.c    | 18 ++++++------
 .../taler-merchant-httpd_post-orders-ID-pay.c      | 34 ++++++++++------------
 .../taler-merchant-httpd_private-post-orders.c     | 20 ++++++++++++-
 4 files changed, 46 insertions(+), 30 deletions(-)

diff --git a/src/backend/taler-merchant-httpd_helper.c 
b/src/backend/taler-merchant-httpd_helper.c
index f21b2e48..8fb5823e 100644
--- a/src/backend/taler-merchant-httpd_helper.c
+++ b/src/backend/taler-merchant-httpd_helper.c
@@ -97,7 +97,7 @@ TMH_cmp_wire_account (
 bool
 TMH_accounts_array_valid (const json_t *accounts)
 {
-  unsigned int len;
+  size_t len;
 
   if (! json_is_array (accounts))
   {
@@ -105,7 +105,7 @@ TMH_accounts_array_valid (const json_t *accounts)
     return false;
   }
   len = json_array_size (accounts);
-  for (unsigned int i = 0; i<len; i++)
+  for (size_t i = 0; i<len; i++)
   {
     json_t *payto_uri = json_array_get (accounts,
                                         i);
diff --git a/src/backend/taler-merchant-httpd_post-orders-ID-abort.c 
b/src/backend/taler-merchant-httpd_post-orders-ID-abort.c
index e7baf540..50a793a3 100644
--- a/src/backend/taler-merchant-httpd_post-orders-ID-abort.c
+++ b/src/backend/taler-merchant-httpd_post-orders-ID-abort.c
@@ -186,7 +186,7 @@ struct AbortContext
   /**
    * Number of coins this abort is for.  Length of the @e rd array.
    */
-  unsigned int coins_cnt;
+  size_t coins_cnt;
 
   /**
    * How often have we retried the 'main' transaction?
@@ -198,7 +198,7 @@ struct AbortContext
    * @e coins_cnt, decremented on each transaction that
    * successfully finished.
    */
-  unsigned int pending;
+  size_t pending;
 
   /**
    * Number of transactions still pending for the currently selected
@@ -206,7 +206,7 @@ struct AbortContext
    * exchange, decremented on each transaction that successfully
    * finished.  Once it hits zero, we pick the next exchange.
    */
-  unsigned int pending_at_ce;
+  size_t pending_at_ce;
 
   /**
    * HTTP status code to use for the reply, i.e 200 for "OK".
@@ -247,7 +247,7 @@ abort_refunds (struct AbortContext *ac)
 {
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
               "Aborting pending /deposit operations\n");
-  for (unsigned int i = 0; i<ac->coins_cnt; i++)
+  for (size_t i = 0; i<ac->coins_cnt; i++)
   {
     struct RefundDetails *rdi = &ac->rd[i];
 
@@ -356,7 +356,7 @@ generate_success_response (struct AbortContext *ac)
                              "could not create JSON array");
     return;
   }
-  for (unsigned int i = 0; i<ac->coins_cnt; i++)
+  for (size_t i = 0; i<ac->coins_cnt; i++)
   {
     struct RefundDetails *rdi = &ac->rd[i];
     json_t *detail;
@@ -424,7 +424,7 @@ abort_context_cleanup (void *cls)
     ac->timeout_task = NULL;
   }
   abort_refunds (ac);
-  for (unsigned int i = 0; i<ac->coins_cnt; i++)
+  for (size_t i = 0; i<ac->coins_cnt; i++)
   {
     struct RefundDetails *rdi = &ac->rd[i];
 
@@ -522,7 +522,7 @@ process_abort_with_exchange (void *cls,
   /* Initiate refund operation for all coins of
      the current exchange (!) */
   GNUNET_assert (0 == ac->pending_at_ce);
-  for (unsigned int i = 0; i<ac->coins_cnt; i++)
+  for (size_t i = 0; i<ac->coins_cnt; i++)
   {
     struct RefundDetails *rdi = &ac->rd[i];
 
@@ -579,7 +579,7 @@ begin_transaction (struct AbortContext *ac);
 static void
 find_next_exchange (struct AbortContext *ac)
 {
-  for (unsigned int i = 0; i<ac->coins_cnt; i++)
+  for (size_t i = 0; i<ac->coins_cnt; i++)
   {
     struct RefundDetails *rdi = &ac->rd[i];
 
@@ -635,7 +635,7 @@ refund_coins (void *cls,
   (void) deposit_fee;
   (void) refund_fee;
   now = GNUNET_TIME_timestamp_get ();
-  for (unsigned int i = 0; i<ac->coins_cnt; i++)
+  for (size_t i = 0; i<ac->coins_cnt; i++)
   {
     struct RefundDetails *rdi = &ac->rd[i];
     enum GNUNET_DB_QueryStatus qs;
diff --git a/src/backend/taler-merchant-httpd_post-orders-ID-pay.c 
b/src/backend/taler-merchant-httpd_post-orders-ID-pay.c
index cbd4aa74..07a6233a 100644
--- a/src/backend/taler-merchant-httpd_post-orders-ID-pay.c
+++ b/src/backend/taler-merchant-httpd_post-orders-ID-pay.c
@@ -418,7 +418,7 @@ struct PayContext
    * Number of coins this payment is made of.  Length
    * of the @e dc array.
    */
-  unsigned int coins_cnt;
+  size_t coins_cnt;
 
   /**
    * Number of exchanges involved in the payment. Length
@@ -542,7 +542,6 @@ resume_pay_with_response (struct PayContext *pc,
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
               "Resuming /pay handling. HTTP status for our reply is %u.\n",
               response_code);
-#if 1
   for (unsigned int i = 0; i<pc->num_exchanges; i++)
   {
     struct ExchangeGroup *eg = pc->egs[i];
@@ -561,7 +560,6 @@ resume_pay_with_response (struct PayContext *pc,
     }
   }
   GNUNET_assert (0 == pc->pending_at_eg);
-#endif
   if (NULL != pc->timeout_task)
   {
     GNUNET_SCHEDULER_cancel (pc->timeout_task);
@@ -653,7 +651,7 @@ batch_deposit_transaction (const struct ExchangeGroup *eg,
   GNUNET_assert (GNUNET_OK ==
                  TALER_amount_set_zero (pc->amount.currency,
                                         &total_without_fees));
-  for (unsigned int i = 0; i<pc->coins_cnt; i++)
+  for (size_t i = 0; i<pc->coins_cnt; i++)
   {
     struct DepositConfirmation *dc = &pc->dc[i];
     struct TALER_Amount amount_without_fees;
@@ -689,7 +687,7 @@ batch_deposit_transaction (const struct ExchangeGroup *eg,
   if (qs <= 0)
     return qs; /* Entire batch already known or failure, we're done */
 
-  for (unsigned int i = 0; i<pc->coins_cnt; i++)
+  for (size_t i = 0; i<pc->coins_cnt; i++)
   {
     struct DepositConfirmation *dc = &pc->dc[i];
 
@@ -796,7 +794,7 @@ handle_batch_deposit_ok (struct ExchangeGroup *eg,
   }
 
   /* Transaction is done, mark affected coins as complete as well. */
-  for (unsigned int i = 0; i<pc->coins_cnt; i++)
+  for (size_t i = 0; i<pc->coins_cnt; i++)
   {
     struct DepositConfirmation *dc = &pc->dc[i];
 
@@ -986,7 +984,7 @@ process_pay_with_keys (
   /* Initiate /batch-deposit operation for all coins of
      the current exchange (!) */
   group_size = 0;
-  for (unsigned int i = 0; i<pc->coins_cnt; i++)
+  for (size_t i = 0; i<pc->coins_cnt; i++)
   {
     struct DepositConfirmation *dc = &pc->dc[i];
     const struct TALER_EXCHANGE_DenomPublicKey *denom_details;
@@ -1144,9 +1142,9 @@ AGE_FAIL:
       .refund_deadline = pc->refund_deadline
     };
     enum TALER_ErrorCode ec;
-    unsigned int off = 0;
+    size_t off = 0;
 
-    for (unsigned int i = 0; i<pc->coins_cnt; i++)
+    for (size_t i = 0; i<pc->coins_cnt; i++)
     {
       struct DepositConfirmation *dc = &pc->dc[i];
 
@@ -1275,7 +1273,7 @@ phase_batch_deposits (struct PayContext *pc)
     struct ExchangeGroup *eg = pc->egs[i];
     bool have_coins = false;
 
-    for (unsigned int j = 0; j<pc->coins_cnt; j++)
+    for (size_t j = 0; j<pc->coins_cnt; j++)
     {
       struct DepositConfirmation *dc = &pc->dc[j];
 
@@ -1437,7 +1435,7 @@ check_coin_paid (void *cls,
 {
   struct PayContext *pc = cls;
 
-  for (unsigned int i = 0; i<pc->coins_cnt; i++)
+  for (size_t i = 0; i<pc->coins_cnt; i++)
   {
     struct DepositConfirmation *dc = &pc->dc[i];
 
@@ -1511,7 +1509,7 @@ check_coin_refunded (void *cls,
      an abort-pay refund (an unusual but possible case), we need
      to make sure that existing refunds are accounted for. */
 
-  for (unsigned int i = 0; i<pc->coins_cnt; i++)
+  for (size_t i = 0; i<pc->coins_cnt; i++)
   {
     struct DepositConfirmation *dc = &pc->dc[i];
 
@@ -1597,7 +1595,7 @@ check_payment_sufficient (struct PayContext *pc)
   GNUNET_assert (GNUNET_OK ==
                  TALER_amount_set_zero (pc->amount.currency,
                                         &acc_amount));
-  for (unsigned int i = 0; i<pc->coins_cnt; i++)
+  for (size_t i = 0; i<pc->coins_cnt; i++)
   {
     struct DepositConfirmation *dc = &pc->dc[i];
 
@@ -1834,7 +1832,7 @@ phase_execute_pay_transaction (struct PayContext *pc)
   GNUNET_break (GNUNET_OK ==
                 TALER_amount_set_zero (pc->amount.currency,
                                        &pc->total_refunded));
-  for (unsigned int i = 0; i<pc->coins_cnt; i++)
+  for (size_t i = 0; i<pc->coins_cnt; i++)
     pc->dc[i].found_in_db = false;
   pc->pending = pc->coins_cnt;
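Review bot: `pc->pending = pc->coins_cnt;` at the end of this hunk now copies a `size_t` into `pc->pending`, and the `struct PayContext` hunk in this commit widens only `coins_cnt`, whereas `struct AbortContext` had `pending` and `pending_at_ce` widened alongside it. The declaration of `pending` is outside the visible hunks, so this is inferred: if it is still `unsigned int`, the assignment narrows silently on LP64 targets and the counter could disagree with the number of coins the loops iterate over. Declaring it `size_t pending;` in `struct PayContext` would keep the two in step, and the same check is worth making for `group_size` in `process_pay_with_keys`. The body of `phase_execute_pay_transaction` starts and ends outside this hunk.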
 
@@ -2051,7 +2049,7 @@ deposit_paid_check (
 {
   struct PayContext *pc = cls;
 
-  for (unsigned int i = 0; i<pc->coins_cnt; i++)
+  for (size_t i = 0; i<pc->coins_cnt; i++)
   {
     struct DepositConfirmation *dci = &pc->dc[i];
 
@@ -2102,7 +2100,7 @@ phase_contract_paid (struct PayContext *pc)
                                          "lookup_deposits_by_order"));
     return;
   }
-  for (unsigned int i = 0; i<pc->coins_cnt; i++)
+  for (size_t i = 0; i<pc->coins_cnt; i++)
   {
     struct DepositConfirmation *dci = &pc->dc[i];
 
@@ -2134,7 +2132,7 @@ phase_contract_paid (struct PayContext *pc)
               pc->order_id);
   refunds = json_array ();
   GNUNET_assert (NULL != refunds);
-  for (unsigned int i = 0; i<pc->coins_cnt; i++)
+  for (size_t i = 0; i<pc->coins_cnt; i++)
   {
     struct DepositConfirmation *dci = &pc->dc[i];
     struct TALER_MerchantSignatureP merchant_sig;
@@ -2328,7 +2326,7 @@ phase_check_contract (struct PayContext *pc)
     return;
   }
 
-  for (unsigned int i = 0; i<pc->coins_cnt; i++)
+  for (size_t i = 0; i<pc->coins_cnt; i++)
   {
     struct DepositConfirmation *dc = &pc->dc[i];
 
diff --git a/src/backend/taler-merchant-httpd_private-post-orders.c 
b/src/backend/taler-merchant-httpd_private-post-orders.c
index 6be11f16..7ca56319 100644
--- a/src/backend/taler-merchant-httpd_private-post-orders.c
+++ b/src/backend/taler-merchant-httpd_private-post-orders.c
@@ -42,6 +42,11 @@
  */
 #define MAX_RETRIES 3
 
+/**
+ * Maximum number of inventory products per order.
+ */
+#define MAX_PRODUCTS 1024
+
 /**
  * What is the label under which we find/place the merchant's
  * jurisdiction in the locations list by default?
@@ -2189,9 +2194,22 @@ parse_request (struct OrderContext *oc)
   /* parse the inventory_products (optionally given) */
   if (NULL != ip)
   {
+    unsigned int ipl = (unsigned int) json_array_size (ip);
+
+    if ( (json_array_size (ip) != (size_t) ipl) ||
+         (ipl > MAX_PRODUCTS) )
+    {
+      GNUNET_break (0);
+      GNUNET_JSON_parse_free (spec);
+      reply_with_error (oc,
+                        MHD_HTTP_INTERNAL_SERVER_ERROR,
+                        TALER_EC_GENERIC_ALLOCATION_FAILURE,
+                        "inventory products too long");
+      return;
+    }
     GNUNET_array_grow (oc->parse_request.inventory_products,
                        oc->parse_request.inventory_products_length,
-                       json_array_size (ip));
+                       (unsigned int) json_array_size (ip));
     for (unsigned int i = 0; i<oc->parse_request.inventory_products_length; 
i++)
     {
       struct InventoryProduct *ipr = &oc->parse_request.inventory_products[i];
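Review bot: The new length check treats an over-long `inventory_products` array from the request body as a server fault, answering it with `GNUNET_break (0)`, `MHD_HTTP_INTERNAL_SERVER_ERROR` and `TALER_EC_GENERIC_ALLOCATION_FAILURE`. The length is chosen by the caller, so a client-error reply fits better and keeps caller-triggered input out of the internal-error log and 5xx monitoring, e.g. `GNUNET_break_op (0);` with `MHD_HTTP_BAD_REQUEST` and `TALER_EC_GENERIC_PARAMETER_MALFORMED`. The `GNUNET_array_grow` call also re-casts `(unsigned int) json_array_size (ip)` instead of passing the already validated `ipl`, which would make it plain that the grown length is the checked one. `parse_request` starts and ends outside this hunk.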

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.


