diff options
| author | Alex Beregszaszi <alex@rtfs.hu> | 2018-02-28 17:44:48 +0800 |
|---|---|---|
| committer | Alex Beregszaszi <alex@rtfs.hu> | 2018-02-28 17:44:48 +0800 |
| commit | 7897301b7179603a1bc74d7be9eff6ccc67398db (patch) | |
| tree | 7b36d115f9482963d04b44c35899b128dc1d1921 | |
| parent | 83fec0232d38eb6214eb41104b6cd51b6f21f282 (diff) | |
| download | dexon-solidity-7897301b7179603a1bc74d7be9eff6ccc67398db.tar dexon-solidity-7897301b7179603a1bc74d7be9eff6ccc67398db.tar.gz dexon-solidity-7897301b7179603a1bc74d7be9eff6ccc67398db.tar.bz2 dexon-solidity-7897301b7179603a1bc74d7be9eff6ccc67398db.tar.lz dexon-solidity-7897301b7179603a1bc74d7be9eff6ccc67398db.tar.xz dexon-solidity-7897301b7179603a1bc74d7be9eff6ccc67398db.tar.zst dexon-solidity-7897301b7179603a1bc74d7be9eff6ccc67398db.zip | |
Properly validate invalid hex characters in JSONIO libraries
| -rw-r--r-- | libsolidity/interface/StandardCompiler.cpp | 16 | ||||
| -rw-r--r-- | test/libsolidity/StandardCompiler.cpp | 23 |
2 files changed, 37 insertions, 2 deletions
diff --git a/libsolidity/interface/StandardCompiler.cpp b/libsolidity/interface/StandardCompiler.cpp index 6b113654..8c64c164 100644 --- a/libsolidity/interface/StandardCompiler.cpp +++ b/libsolidity/interface/StandardCompiler.cpp @@ -336,8 +336,20 @@ Json::Value StandardCompiler::compileInternal(Json::Value const& _input) if (!jsonSourceName.isObject()) return formatFatalError("JSONError", "library entry is not a JSON object."); for (auto const& library: jsonSourceName.getMemberNames()) - // @TODO use libraries only for the given source - libraries[library] = h160(jsonSourceName[library].asString()); + { + try + { + // @TODO use libraries only for the given source + libraries[library] = h160(jsonSourceName[library].asString()); + } + catch (dev::BadHexCharacter) + { + return formatFatalError( + "JSONError", + "Invalid library address (\"" + jsonSourceName[library].asString() + "\") supplied." + ); + } + } } m_compilerStack.setLibraries(libraries); diff --git a/test/libsolidity/StandardCompiler.cpp b/test/libsolidity/StandardCompiler.cpp index c4caf203..0bb94172 100644 --- a/test/libsolidity/StandardCompiler.cpp +++ b/test/libsolidity/StandardCompiler.cpp @@ -610,6 +610,29 @@ BOOST_AUTO_TEST_CASE(libraries_invalid_entry) BOOST_CHECK(containsError(result, "JSONError", "library entry is not a JSON object.")); } +BOOST_AUTO_TEST_CASE(libraries_invalid_hex) +{ + char const* input = R"( + { + "language": "Solidity", + "settings": { + "libraries": { + "library.sol": { + "L": "0x4200000000000000000000000000000000000xx1" + } + } + }, + "sources": { + "empty": { + "content": "" + } + } + } + )"; + Json::Value result = compile(input); + BOOST_CHECK(containsError(result, "JSONError", "Invalid library address (\"0x4200000000000000000000000000000000000xx1\") supplied.")); +} + BOOST_AUTO_TEST_CASE(libraries_various_addresses) { char const* input = R"( |