diff options
| author | Alex Beregszaszi <alex@rtfs.hu> | 2018-02-28 17:44:48 +0800 |
|---|---|---|
| committer | Alex Beregszaszi <alex@rtfs.hu> | 2018-02-28 17:44:48 +0800 |
| commit | 7897301b7179603a1bc74d7be9eff6ccc67398db (patch) | |
| tree | 7b36d115f9482963d04b44c35899b128dc1d1921 /libsolidity | |
| parent | 83fec0232d38eb6214eb41104b6cd51b6f21f282 (diff) | |
| download | dexon-solidity-7897301b7179603a1bc74d7be9eff6ccc67398db.tar.gz dexon-solidity-7897301b7179603a1bc74d7be9eff6ccc67398db.tar.zst dexon-solidity-7897301b7179603a1bc74d7be9eff6ccc67398db.zip | |
Properly validate invalid hex characters in JSONIO libraries
Diffstat (limited to 'libsolidity')
| -rw-r--r-- | libsolidity/interface/StandardCompiler.cpp | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/libsolidity/interface/StandardCompiler.cpp b/libsolidity/interface/StandardCompiler.cpp index 6b113654..8c64c164 100644 --- a/libsolidity/interface/StandardCompiler.cpp +++ b/libsolidity/interface/StandardCompiler.cpp @@ -336,8 +336,20 @@ Json::Value StandardCompiler::compileInternal(Json::Value const& _input) if (!jsonSourceName.isObject()) return formatFatalError("JSONError", "library entry is not a JSON object."); for (auto const& library: jsonSourceName.getMemberNames()) - // @TODO use libraries only for the given source - libraries[library] = h160(jsonSourceName[library].asString()); + { + try + { + // @TODO use libraries only for the given source + libraries[library] = h160(jsonSourceName[library].asString()); + } + catch (dev::BadHexCharacter) + { + return formatFatalError( + "JSONError", + "Invalid library address (\"" + jsonSourceName[library].asString() + "\") supplied." + ); + } + } } m_compilerStack.setLibraries(libraries); |