fix: sanitize outputs - electrum - Electrum Bitcoin wallet

commit 38a6747eff4d8202c7a7a9b65f1c54f7341d7c6e
parent 0673df9176455303ed749777672bcb52d2f18591
Author: ThomasV <thomasv@gitorious>
Date:   Fri,  6 Jun 2014 07:48:08 +0200

fix: sanitize outputs

Diffstat:
M gui/qt/main_window.py  | 16 ++++++++++++++--
M gui/qt/paytoedit.py  | 25 ++++++++-----------------
M lib/paymentrequest.py  | 3 ---
M lib/wallet.py  | 2 +-

4 files changed, 23 insertions(+), 23 deletions(-)
diff --git a/gui/qt/main_window.py b/gui/qt/main_window.py
@@ -797,10 +797,22 @@ class ElectrumWindow(QMainWindow):
 
         if self.gui_object.payment_request:
             outputs = self.gui_object.payment_request.outputs
-            amount = self.gui_object.payment_request.get_amount()
         else:
             outputs = self.payto_e.get_outputs()
-            amount = sum(map(lambda x:x[1], outputs))
+
+        if not outputs:
+            QMessageBox.warning(self, _('Error'), _('No outputs'), _('OK'))
+            return
+
+        for addr, x in outputs:
+            if addr is None or not bitcoin.is_address(addr):
+                QMessageBox.warning(self, _('Error'), _('Invalid Bitcoin Address'), _('OK'))
+                return
+            if type(x) is not int:
+                QMessageBox.warning(self, _('Error'), _('Invalid Amount'), _('OK'))
+                return
+
+        amount = sum(map(lambda x:x[1], outputs))
 
         try:
             fee = self.fee_e.get_amount()
diff --git a/gui/qt/paytoedit.py b/gui/qt/paytoedit.py
@@ -41,6 +41,7 @@ class PayToEdit(QTextEdit):
         self.setMaximumHeight(27)
         self.c = None
         self.textChanged.connect(self.check_text)
+        self.outputs = []
 
     def lock_amount(self):
         self.amount_edit.setFrozen(True)
@@ -88,8 +89,15 @@ class PayToEdit(QTextEdit):
                 self.payto_address = self.parse_address(lines[0])
             except:
                 pass
+
             if self.payto_address:
                 self.unlock_amount()
+                try:
+                    amount = self.amount_edit.get_amount()
+                except:
+                    amount = None
+
+                self.outputs = [(self.payto_address, amount)]
                 return
 
         for line in lines:
@@ -115,24 +123,7 @@ class PayToEdit(QTextEdit):
             self.unlock_amount()
 
 
-
     def get_outputs(self):
-
-        if self.payto_address:
-            
-            if not bitcoin.is_address(self.payto_address):
-                QMessageBox.warning(self, _('Error'), _('Invalid Bitcoin Address') + ':\n' + self.payto_address, _('OK'))
-                return
-
-            try:
-                amount = self.amount_edit.get_amount()
-            except Exception:
-                QMessageBox.warning(self, _('Error'), _('Invalid Amount'), _('OK'))
-                return
-
-            outputs = [(self.payto_address, amount)]
-            return outputs
-
         return self.outputs
 
 
diff --git a/lib/paymentrequest.py b/lib/paymentrequest.py
@@ -57,9 +57,6 @@ class PaymentRequest:
         self.outputs = []
         self.error = ""
 
-    def get_amount(self):
-        return sum(map(lambda x:x[1], self.outputs))
-
 
     def verify(self):
         u = urlparse.urlparse(self.url)
diff --git a/lib/wallet.py b/lib/wallet.py
@@ -118,7 +118,7 @@ class WalletStorage:
         with self.lock:
             if value is not None:
                 self.data[key] = value
-            else:
+            elif key in self.data:
                 self.data.pop(key)
             if save: 
                 self.write()

	electrum Electrum Bitcoin wallet
	git clone https://git.parazyd.org/electrum
	Log \| Files \| Refs \| Submodules

M	gui/qt/main_window.py	\|	16	++++++++++++++--
M	gui/qt/paytoedit.py	\|	25	++++++++-----------------
M	lib/paymentrequest.py	\|	3	---
M	lib/wallet.py	\|	2	+-