diff options
| author | Dan Finlay <dan@danfinlay.com> | 2017-10-06 05:39:35 +0800 |
|---|---|---|
| committer | Dan Finlay <dan@danfinlay.com> | 2017-10-06 05:39:35 +0800 |
| commit | 9bc80d998eda937e3a8f95fa5e04fcba66e8a6f8 (patch) | |
| tree | 1a58cfbed24644de8562bf25c640b93a65a130d4 | |
| parent | 176d03b2e8061c50108b2024f7716885097e82fd (diff) | |
| download | tangerine-wallet-browser-9bc80d998eda937e3a8f95fa5e04fcba66e8a6f8.tar tangerine-wallet-browser-9bc80d998eda937e3a8f95fa5e04fcba66e8a6f8.tar.gz tangerine-wallet-browser-9bc80d998eda937e3a8f95fa5e04fcba66e8a6f8.tar.bz2 tangerine-wallet-browser-9bc80d998eda937e3a8f95fa5e04fcba66e8a6f8.tar.lz tangerine-wallet-browser-9bc80d998eda937e3a8f95fa5e04fcba66e8a6f8.tar.xz tangerine-wallet-browser-9bc80d998eda937e3a8f95fa5e04fcba66e8a6f8.tar.zst tangerine-wallet-browser-9bc80d998eda937e3a8f95fa5e04fcba66e8a6f8.zip | |
Add signTypedData input validations
| -rw-r--r-- | app/scripts/lib/typed-message-manager.js | 11 | ||||
| -rw-r--r-- | app/scripts/metamask-controller.js | 13 |
2 files changed, 20 insertions, 4 deletions
diff --git a/app/scripts/lib/typed-message-manager.js b/app/scripts/lib/typed-message-manager.js index e3efdb45d..e041ae9f3 100644 --- a/app/scripts/lib/typed-message-manager.js +++ b/app/scripts/lib/typed-message-manager.js @@ -1,6 +1,7 @@ const EventEmitter = require('events') const ObservableStore = require('obs-store') const createId = require('./random-id') +const assert = require('assert') module.exports = class TypedMessageManager extends EventEmitter { @@ -23,6 +24,8 @@ module.exports = class TypedMessageManager extends EventEmitter { } addUnapprovedMessage (msgParams) { + this.validateParams(msgParams) + log.debug(`TypedMessageManager addUnapprovedMessage: ${JSON.stringify(msgParams)}`) // create txData obj with parameters and meta data var time = (new Date()).getTime() @@ -41,6 +44,14 @@ module.exports = class TypedMessageManager extends EventEmitter { return msgId } + validateParams (params) { + assert.equal(typeof params, 'object', 'Params should ben an object.') + assert.ok('data' in params, 'Params must include a data field.') + assert.ok('from' in params, 'Params must include a from field.') + assert.ok(Array.isArray(params.data), 'Data should be an array.') + assert.equal(typeof params.from, 'string', 'From field must be a string.') + } + addMsg (msg) { this.messages.push(msg) this._saveMsgList() diff --git a/app/scripts/metamask-controller.js b/app/scripts/metamask-controller.js index 8f773a72b..727f48f1c 100644 --- a/app/scripts/metamask-controller.js +++ b/app/scripts/metamask-controller.js @@ -566,11 +566,16 @@ module.exports = class MetamaskController extends EventEmitter { } newUnsignedTypedMessage (msgParams, cb) { - const msgId = this.typedMessageManager.addUnapprovedMessage(msgParams) - this.sendUpdate() - this.opts.showUnconfirmedMessage() + let msgId + try { + msgId = this.typedMessageManager.addUnapprovedMessage(msgParams) + this.sendUpdate() + this.opts.showUnconfirmedMessage() + } catch (e) { + return cb(e) + } + this.typedMessageManager.once(`${msgId}:finished`, (data) => { - console.log(data) switch (data.status) { case 'signed': return cb(null, data.rawSig) |