Merge pull request #5624 from ethereum/standard_json_unknown_keys

Disallow unknown JSON keys in standard-json
author: chriseth <chris@ethereum.org> 2018-12-13 16:58:34 +0800
committer: GitHub <noreply@github.com> 2018-12-13 16:58:34 +0800
commit: 6e205cc4e32ccc55307a44ade4269448f6346924 (patch)
tree: 05178f3f066cd38e34efcb02e45802c55ece3a72 /libsolidity
parent: b3e2ba1581362233d46d32f5b335a3e1ee4c32a4 (diff)
parent: 8cd2ac84622185a59ee61439289d1defe58dec99 (diff)
download: dexon-solidity-6e205cc4e32ccc55307a44ade4269448f6346924.tar.gz
dexon-solidity-6e205cc4e32ccc55307a44ade4269448f6346924.tar.zst
dexon-solidity-6e205cc4e32ccc55307a44ade4269448f6346924.zip
1 files changed, 68 insertions, 0 deletions
diff --git a/libsolidity/interface/StandardCompiler.cpp b/libsolidity/interface/StandardCompiler.cpp
index 862b6633..21d213e7 100644
--- a/libsolidity/interface/StandardCompiler.cpp
+++ b/libsolidity/interface/StandardCompiler.cpp
@@ -27,7 +27,10 @@
 #include <libdevcore/JSON.h>
 #include <libdevcore/Keccak256.h>
 
+#include <algorithm>
+
 #include <boost/algorithm/string.hpp>
+#include <boost/optional.hpp>
 
 using namespace std;
 using namespace dev;
@@ -225,6 +228,50 @@ Json::Value collectEVMObject(eth::LinkerObject const& _object, string const* _so
 	return output;
 }
 
+boost::optional<Json::Value> checkKeys(Json::Value const& _input, set<string> const& _keys)
+{
+	for (auto const& member: _input.getMemberNames())
+		if (!_keys.count(member))
+			return formatFatalError("JSONError", "Unknown key \"" + member + "\"");
+	return boost::none;
+}
+
+boost::optional<Json::Value> checkRootKeys(Json::Value const& _input)
+{
+	static set<string> keys{"auxiliaryInput", "language", "settings", "sources"};
+	return checkKeys(_input, keys);
+}
+
+boost::optional<Json::Value> checkSourceKeys(Json::Value const& _input)
+{
+	static set<string> keys{"content", "keccak256", "urls"};
+	return checkKeys(_input, keys);
+}
+
+boost::optional<Json::Value> checkAuxiliaryInputKeys(Json::Value const& _input)
+{
+	static set<string> keys{"smtlib2responses"};
+	return checkKeys(_input, keys);
+}
+
+boost::optional<Json::Value> checkSettingsKeys(Json::Value const& _input)
+{
+	static set<string> keys{"evmVersion", "libraries", "metadata", "optimizer", "outputSelection", "remappings"};
+	return checkKeys(_input, keys);
+}
+
+boost::optional<Json::Value> checkOptimizerKeys(Json::Value const& _input)
+{
+	static set<string> keys{"enabled", "runs"};
+	return checkKeys(_input, keys);
+}
+
+boost::optional<Json::Value> checkMetadataKeys(Json::Value const& _input)
+{
+	static set<string> keys{"useLiteralContent"};
+	return checkKeys(_input, keys);
+}
+
 }
 
 Json::Value StandardCompiler::compileInternal(Json::Value const& _input)
@@ -234,6 +281,9 @@ Json::Value StandardCompiler::compileInternal(Json::Value const& _input)
 	if (!_input.isObject())
 		return formatFatalError("JSONError", "Input is not a JSON object.");
 
+	if (auto result = checkRootKeys(_input))
+		return *result;
+
 	if (_input["language"] != "Solidity")
 		return formatFatalError("JSONError", "Only \"Solidity\" is supported as a language.");
 
@@ -254,6 +304,9 @@ Json::Value StandardCompiler::compileInternal(Json::Value const& _input)
 		if (!sources[sourceName].isObject())
 			return formatFatalError("JSONError", "Source input is not a JSON object.");
 
+		if (auto result = checkSourceKeys(sources[sourceName]))
+			return *result;
+
 		if (sources[sourceName]["keccak256"].isString())
 			hash = sources[sourceName]["keccak256"].asString();
 
@@ -319,6 +372,10 @@ Json::Value StandardCompiler::compileInternal(Json::Value const& _input)
 	}
 
 	Json::Value const& auxInputs = _input["auxiliaryInput"];
+
+	if (auto result = checkAuxiliaryInputKeys(auxInputs))
+		return *result;
+
 	if (!!auxInputs)
 	{
 		Json::Value const& smtlib2Responses = auxInputs["smtlib2responses"];
@@ -341,6 +398,9 @@ Json::Value StandardCompiler::compileInternal(Json::Value const& _input)
 
 	Json::Value const& settings = _input.get("settings", Json::Value());
 
+	if (auto result = checkSettingsKeys(settings))
+		return *result;
+
 	if (settings.isMember("evmVersion"))
 	{
 		if (!settings["evmVersion"].isString())
@@ -366,6 +426,10 @@ Json::Value StandardCompiler::compileInternal(Json::Value const& _input)
 	if (settings.isMember("optimizer"))
 	{
 		Json::Value optimizerSettings = settings["optimizer"];
+
+		if (auto result = checkOptimizerKeys(optimizerSettings))
+			return *result;
+
 		if (optimizerSettings.isMember("enabled"))
 		{
 			if (!optimizerSettings["enabled"].isBool())
@@ -427,6 +491,10 @@ Json::Value StandardCompiler::compileInternal(Json::Value const& _input)
 	m_compilerStack.setLibraries(libraries);
 
 	Json::Value metadataSettings = settings.get("metadata", Json::Value());
+
+	if (auto result = checkMetadataKeys(metadataSettings))
+		return *result;
+
 	m_compilerStack.useMetadataLiteralSources(metadataSettings.get("useLiteralContent", Json::Value(false)).asBool());
 
 	Json::Value outputSelection = settings.get("outputSelection", Json::Value());
author	chriseth <chris@ethereum.org>	2018-12-13 16:58:34 +0800
committer	GitHub <noreply@github.com>	2018-12-13 16:58:34 +0800
commit	6e205cc4e32ccc55307a44ade4269448f6346924 (patch)
tree	05178f3f066cd38e34efcb02e45802c55ece3a72 /libsolidity
parent	b3e2ba1581362233d46d32f5b335a3e1ee4c32a4 (diff)
parent	8cd2ac84622185a59ee61439289d1defe58dec99 (diff)
download	dexon-solidity-6e205cc4e32ccc55307a44ade4269448f6346924.tar.gz dexon-solidity-6e205cc4e32ccc55307a44ade4269448f6346924.tar.zst dexon-solidity-6e205cc4e32ccc55307a44ade4269448f6346924.zip