From 941b5086029c64008690ef6ee4c36ffa8ef0faa9 Mon Sep 17 00:00:00 2001 From: Geoffrey Ragot Date: Thu, 20 Jan 2022 16:59:50 +0100 Subject: [PATCH] Add checks on source/destination/asset transaction properties. --- pkg/core/asset.go | 6 +++--- pkg/core/posting.go | 8 ++++++++ pkg/ledger/ledger.go | 9 +++++++++ 3 files changed, 20 insertions(+), 3 deletions(-) diff --git a/pkg/core/asset.go b/pkg/core/asset.go index bd43a2492..3b0b76220 100644 --- a/pkg/core/asset.go +++ b/pkg/core/asset.go @@ -2,8 +2,8 @@ package core import "regexp" -func AssetIsValid(v string) bool { - re := regexp.MustCompile("[A-Z]{1,8}") +var assetRegexp = regexp.MustCompile("[A-Z]{1,16}(\\/\\d{1,6})?") - return re.Match([]byte(v)) +func AssetIsValid(v string) bool { + return assetRegexp.Match([]byte(v)) } diff --git a/pkg/core/posting.go b/pkg/core/posting.go index b39163af8..53d24932f 100644 --- a/pkg/core/posting.go +++ b/pkg/core/posting.go @@ -1,5 +1,7 @@ package core +import "regexp" + type Posting struct { Source string `json:"source"` Destination string `json:"destination"` @@ -21,3 +23,9 @@ func (ps Postings) Reverse() { ps[opp].Source, ps[opp].Destination = ps[opp].Destination, ps[opp].Source } } + +var addressRegexp = regexp.MustCompile("^[a-zA-Z_0-9]+(:[a-zA-Z_0-9]+){0,}$") + +func ValidateAddress(addr string) bool { + return addressRegexp.Match([]byte(addr)) +} diff --git a/pkg/ledger/ledger.go b/pkg/ledger/ledger.go index e9ca3f8c7..2af58f34a 100644 --- a/pkg/ledger/ledger.go +++ b/pkg/ledger/ledger.go @@ -84,6 +84,15 @@ func (l *Ledger) Commit(ctx context.Context, ts []core.Transaction) ([]core.Tran if p.Amount < 0 { return ts, NewValidationError("negative amount") } + if !core.ValidateAddress(p.Source) { + return nil, NewValidationError("invalid source address") + } + if !core.ValidateAddress(p.Destination) { + return nil, NewValidationError("invalid destination address") + } + if !core.AssetIsValid(p.Asset) { + return nil, NewValidationError("invalid asset") + } if _, ok := rf[p.Source]; !ok { rf[p.Source] = map[string]int64{} }