cerc-io/solidity
15
0
Fork 0
mirror of https://github.com/ethereum/solidity synced 2023-10-03 13:03:40 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #2159 from ethereum/jsonio-source-verify

Browse Source 
Verify supplied hash in JSON I/O
This commit is contained in:
chriseth 2017-04-24 16:15:32 +02:00 committed by GitHub
commit 2c3fea55df
1 changed files with 45 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
libsolidity/interface/StandardCompiler.cpp
View File

@ -25,6 +25,7 @@
#include <libsolidity/ast/ASTJsonConverter.h> #include <libsolidity/ast/ASTJsonConverter.h>
#include <libevmasm/Instruction.h> #include <libevmasm/Instruction.h>
#include <libdevcore/JSON.h> #include <libdevcore/JSON.h>
#include <libdevcore/SHA3.h>
using namespace std; using namespace std;
using namespace dev; using namespace dev;
@ -91,6 +92,19 @@ Json::Value formatErrorWithException(
return formatError(_warning, _type, _component, message, formattedMessage, location); return formatError(_warning, _type, _component, message, formattedMessage, location);
} }
/// Returns true iff @a _hash (hex with 0x prefix) is the Keccak256 hash of the binary data in @a _content.
bool hashMatchesContent(string const& _hash, string const& _content)
{
try
{
return dev::h256(_hash) == dev::keccak256(_content);
}
catch (dev::BadHexCharacter)
{
return false;
}
}
StringMap createSourceList(Json::Value const& _input) StringMap createSourceList(Json::Value const& _input)
{ {
StringMap sources; StringMap sources;
@ -165,8 +179,24 @@ Json::Value StandardCompiler::compileInternal(Json::Value const& _input)
Json::Value errors = Json::arrayValue; Json::Value errors = Json::arrayValue;
for (auto const& sourceName: sources.getMemberNames()) for (auto const& sourceName: sources.getMemberNames())
{
string hash;
if (sources[sourceName]["keccak256"].isString())
hash = sources[sourceName]["keccak256"].asString();
if (sources[sourceName]["content"].isString()) if (sources[sourceName]["content"].isString())
m_compilerStack.addSource(sourceName, sources[sourceName]["content"].asString()); {
string content = sources[sourceName]["content"].asString();
if (!hash.empty() && !hashMatchesContent(hash, content))
errors.append(formatError(
false,
"IOError",
"general",
"Mismatch between content and supplied hash for \"" + sourceName + "\""
));
else
m_compilerStack.addSource(sourceName, content);
}
else if (sources[sourceName]["urls"].isArray()) else if (sources[sourceName]["urls"].isArray())
{ {
if (!m_readFile) if (!m_readFile)
@ -180,9 +210,19 @@ Json::Value StandardCompiler::compileInternal(Json::Value const& _input)
ReadFile::Result result = m_readFile(url.asString()); ReadFile::Result result = m_readFile(url.asString());
if (result.success) if (result.success)
{ {
m_compilerStack.addSource(sourceName, result.contentsOrErrorMessage); if (!hash.empty() && !hashMatchesContent(hash, result.contentsOrErrorMessage))
found = true; errors.append(formatError(
break; false,
"IOError",
"general",
"Mismatch between content and supplied hash for \"" + sourceName + "\" at \"" + url.asString() + "\""
));
else
{
m_compilerStack.addSource(sourceName, result.contentsOrErrorMessage);
found = true;
break;
}
} }
else else
failures.push_back("Cannot import url (\"" + url.asString() + "\"): " + result.contentsOrErrorMessage); failures.push_back("Cannot import url (\"" + url.asString() + "\"): " + result.contentsOrErrorMessage);
@ -201,6 +241,7 @@ Json::Value StandardCompiler::compileInternal(Json::Value const& _input)
} }
else else
return formatFatalError("JSONError", "Invalid input source specified."); return formatFatalError("JSONError", "Invalid input source specified.");
}
Json::Value const& settings = _input.get("settings", Json::Value()); Json::Value const& settings = _input.get("settings", Json::Value());