d0s3t3ch
/
onion-wownero-blockchain-explorer
mirror of https://git.wownero.com/wownero/onion-wownero-blockchain-explorer.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

added asan compiler option, basic string cleaning 

https://github.com/moneroexamples/onion-monero-blockchain-explorer/issues/91
This commit is contained in:
moneroexamples 2017-12-20 08:04:17 +08:00
parent 61cd869127
commit 6da5b3637e
4 changed files with 299 additions and 265 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
CMakeLists.txt
View File

@ -7,7 +7,12 @@ set(PROJECT_NAME
project(${PROJECT_NAME})
set(CMAKE_CXX_FLAGS
"${CMAKE_CXX_FLAGS} -std=c++14")
"${CMAKE_CXX_FLAGS} -std=c++14 -fsanitize=address -fno-omit-frame-pointer")
set(CMAKE_C_FLAGS
"${CMAKE_C_FLAGS} -fsanitize=address -fno-omit-frame-pointer -DLEAK_SANITIZER")
#
if (WIN32)
set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -Wa,-mbig-obj -O3")
@ -102,16 +107,15 @@ set(LIBRARIES
cryptonote_basic
daemonizer
cncrypto
blocks
lmdb
ringct
common
mnemonics
epee
easylogging
checkpoints
version
epee
${Boost_LIBRARIES}
pthread
unbound

85
main.cpp
View File

@ -11,6 +11,7 @@
#include <regex>
using boost::filesystem::path;
using xmreg::remove_bad_chars;
using namespace std;
@ -276,18 +277,18 @@ main(int ac, const char* av[])
CROW_ROUTE(app, "/block/<string>")
([&](const crow::request& req, string block_hash) {
return crow::response(xmrblocks.show_block(block_hash));
return crow::response(xmrblocks.show_block(remove_bad_chars(block_hash)));
});
CROW_ROUTE(app, "/tx/<string>")
([&](const crow::request& req, string tx_hash) {
return crow::response(xmrblocks.show_tx(tx_hash));
return crow::response(xmrblocks.show_tx(remove_bad_chars(tx_hash)));
});
CROW_ROUTE(app, "/tx/<string>/<uint>")
([&](string tx_hash, uint16_t with_ring_signatures)
{
return xmrblocks.show_tx(tx_hash, with_ring_signatures);
return xmrblocks.show_tx(remove_bad_chars(tx_hash), with_ring_signatures);
});
CROW_ROUTE(app, "/myoutputs").methods("POST"_method)
@ -304,13 +305,13 @@ main(int ac, const char* av[])
return string("xmr address, viewkey or tx hash not provided");
}
string tx_hash = post_body["tx_hash"];
string xmr_address = post_body["xmr_address"];
string viewkey = post_body["viewkey"];
string tx_hash = remove_bad_chars(post_body["tx_hash"]);
string xmr_address = remove_bad_chars(post_body["xmr_address"]);
string viewkey = remove_bad_chars(post_body["viewkey"]);
// this will be only not empty when checking raw tx data
// using tx pusher
string raw_tx_data = post_body["raw_tx_data"];
string raw_tx_data = remove_bad_chars(post_body["raw_tx_data"]);
string domain = get_domain(req);
@ -326,8 +327,10 @@ main(int ac, const char* av[])
string domain = get_domain(req);
return xmrblocks.show_my_outputs(tx_hash, xmr_address,
viewkey, string {},
return xmrblocks.show_my_outputs(remove_bad_chars(tx_hash),
remove_bad_chars(xmr_address),
remove_bad_chars(viewkey),
string {},
domain);
});
@ -345,18 +348,21 @@ main(int ac, const char* av[])
"tx hash not provided");
}
string tx_hash = post_body["txhash"];
string tx_prv_key = post_body["txprvkey"];
string xmr_address = post_body["xmraddress"];
string tx_hash = remove_bad_chars(post_body["txhash"]);
string tx_prv_key = remove_bad_chars(post_body["txprvkey"]);
string xmr_address = remove_bad_chars(post_body["xmraddress"]);
// this will be only not empty when checking raw tx data
// using tx pusher
string raw_tx_data = post_body["raw_tx_data"];
string raw_tx_data = remove_bad_chars(post_body["raw_tx_data"]);
string domain = get_domain(req);
return xmrblocks.show_prove(tx_hash, xmr_address,
tx_prv_key, raw_tx_data, domain);
return xmrblocks.show_prove(tx_hash,
xmr_address,
tx_prv_key,
raw_tx_data,
domain);
});
@ -366,8 +372,11 @@ main(int ac, const char* av[])
string domain = get_domain(req);
return xmrblocks.show_prove(tx_hash, xmr_address,
tx_prv_key, string {}, domain);
return xmrblocks.show_prove(remove_bad_chars(tx_hash),
remove_bad_chars(xmr_address),
remove_bad_chars(tx_prv_key),
string {},
domain);
});
if (enable_pusher)
@ -388,8 +397,8 @@ main(int ac, const char* av[])
return string("Raw tx data or action not provided");
}
string raw_tx_data = post_body["rawtxdata"];
string action = post_body["action"];
string raw_tx_data = remove_bad_chars(post_body["rawtxdata"]);
string action = remove_bad_chars(post_body["action"]);
if (action == "check")
return xmrblocks.show_checkrawtx(raw_tx_data, action);
@ -423,8 +432,8 @@ main(int ac, const char* av[])
return string("Viewkey not provided. Cant decrypt key image file without it");
}
string raw_data = post_body["rawkeyimgsdata"];
string viewkey = post_body["viewkey"];
string raw_data = remove_bad_chars(post_body["rawkeyimgsdata"]);
string viewkey = remove_bad_chars(post_body["viewkey"]);
return xmrblocks.show_checkrawkeyimgs(raw_data, viewkey);
});
@ -455,8 +464,8 @@ main(int ac, const char* av[])
"key image file without it");
}
string raw_data = post_body["rawoutputkeysdata"];
string viewkey = post_body["viewkey"];
string raw_data = remove_bad_chars(post_body["rawoutputkeysdata"]);
string viewkey = remove_bad_chars(post_body["viewkey"]);
return xmrblocks.show_checkcheckrawoutput(raw_data, viewkey);
});
@ -465,7 +474,7 @@ main(int ac, const char* av[])
CROW_ROUTE(app, "/search").methods("GET"_method)
([&](const crow::request& req) {
return xmrblocks.search(string(req.url_params.get("value")));
return xmrblocks.search(remove_bad_chars(string(req.url_params.get("value"))));
});
CROW_ROUTE(app, "/mempool")
@ -496,7 +505,7 @@ main(int ac, const char* av[])
CROW_ROUTE(app, "/api/transaction/<string>")
([&](const crow::request &req, string tx_hash) {
myxmr::jsonresponse r{xmrblocks.json_transaction(tx_hash)};
myxmr::jsonresponse r{xmrblocks.json_transaction(remove_bad_chars(tx_hash))};
return r;
});
@ -504,7 +513,7 @@ main(int ac, const char* av[])
CROW_ROUTE(app, "/api/rawtransaction/<string>")
([&](const crow::request &req, string tx_hash) {
myxmr::jsonresponse r{xmrblocks.json_rawtransaction(tx_hash)};
myxmr::jsonresponse r{xmrblocks.json_rawtransaction(remove_bad_chars(tx_hash))};
return r;
});
@ -512,7 +521,7 @@ main(int ac, const char* av[])
CROW_ROUTE(app, "/api/block/<string>")
([&](const crow::request &req, string block_no_or_hash) {
myxmr::jsonresponse r{xmrblocks.json_block(block_no_or_hash)};
myxmr::jsonresponse r{xmrblocks.json_block(remove_bad_chars(block_no_or_hash))};
return r;
});
@ -520,7 +529,7 @@ main(int ac, const char* av[])
CROW_ROUTE(app, "/api/rawblock/<string>")
([&](const crow::request &req, string block_no_or_hash) {
myxmr::jsonresponse r{xmrblocks.json_rawblock(block_no_or_hash)};
myxmr::jsonresponse r{xmrblocks.json_rawblock(remove_bad_chars(block_no_or_hash))};
return r;
});
@ -534,7 +543,8 @@ main(int ac, const char* av[])
string limit = regex_search(req.raw_url, regex {"limit=\\d+"}) ?
req.url_params.get("limit") : "25";
myxmr::jsonresponse r{xmrblocks.json_transactions(page, limit)};
myxmr::jsonresponse r{xmrblocks.json_transactions(
remove_bad_chars(page), remove_bad_chars(limit))};
return r;
});
@ -551,7 +561,8 @@ main(int ac, const char* av[])
string limit = regex_search(req.raw_url, regex {"limit=\\d+"}) ?
req.url_params.get("limit") : "100000000";
myxmr::jsonresponse r{xmrblocks.json_mempool(page, limit)};
myxmr::jsonresponse r{xmrblocks.json_mempool(
remove_bad_chars(page), remove_bad_chars(limit))};
return r;
});
@ -559,7 +570,7 @@ main(int ac, const char* av[])
CROW_ROUTE(app, "/api/search/<string>")
([&](const crow::request &req, string search_value) {
myxmr::jsonresponse r{xmrblocks.json_search(search_value)};
myxmr::jsonresponse r{xmrblocks.json_search(remove_bad_chars(search_value))};
return r;
});
@ -605,7 +616,11 @@ main(int ac, const char* av[])
cerr << "Cant parse tx_prove as bool. Using default value" << endl;
}
myxmr::jsonresponse r{xmrblocks.json_outputs(tx_hash, address, viewkey, tx_prove)};
myxmr::jsonresponse r{xmrblocks.json_outputs(
remove_bad_chars(tx_hash),
remove_bad_chars(address),
remove_bad_chars(viewkey),
tx_prove)};
return r;
});
@ -635,7 +650,11 @@ main(int ac, const char* av[])
cerr << "Cant parse tx_prove as bool. Using default value" << endl;
}
myxmr::jsonresponse r{xmrblocks.json_outputsblocks(limit, address, viewkey, in_mempool_aswell)};
myxmr::jsonresponse r{xmrblocks.json_outputsblocks(
remove_bad_chars(limit),
remove_bad_chars(address),
remove_bad_chars(viewkey),
in_mempool_aswell)};
return r;
});

2
src/page.h
View File

@ -5458,7 +5458,7 @@ namespace xmreg
{"has_payment_id8" , txd.payment_id8 != null_hash8},
{"confirmations" , txd.no_confirmations},
{"payment_id" , pid_str},
{"payment_id_as_ascii" , std::regex_replace(txd.payment_id_as_ascii, e, " ")},
{"payment_id_as_ascii" , remove_bad_chars(txd.payment_id_as_ascii)},
{"payment_id8" , pid8_str},
{"extra" , txd.get_extra_str()},
{"with_ring_signatures" , static_cast<bool>(

11
src/tools.h
View File

@ -328,6 +328,17 @@ namespace xmreg
while(std::distance(chunk_begin,end) > 0);
}
/*
* Remove all characters in in_str that match the given
* regular expression
*/
inline string
remove_bad_chars(string const& in_str, std::regex const& rgx = std::regex {"[^a-zA-Z0-9]"})
{
return std::regex_replace(in_str, rgx, "");
}
bool
make_tx_from_json(const string& json_str, transaction& tx);