From c9ba3a842845045e92a52aeede2b2999d1da3c06 Mon Sep 17 00:00:00 2001
From: Jethro Grassie <jtg@xtrabass.com>
Date: Fri, 17 Jan 2020 15:43:08 -0500
Subject: [PATCH] add network validation

---
 src/pool.c  | 22 +++++++++++++++-------
 src/xmr.cpp | 54 +++++++++++++++++++++++++++++++++++++++++------------
 src/xmr.h   |  2 +-
 3 files changed, 58 insertions(+), 20 deletions(-)

diff --git a/src/pool.c b/src/pool.c
index a578ca4..d52e20f 100644
--- a/src/pool.c
+++ b/src/pool.c
@@ -253,6 +253,7 @@ static pthread_mutex_t mutex_clients = PTHREAD_MUTEX_INITIALIZER;
 static FILE *fd_log;
 static unsigned char sec_view[32];
 static unsigned char pub_spend[32];
+static uint8_t nettype;
 
 #ifdef HAVE_RX
 extern void rx_stop_mining();
@@ -1622,9 +1623,6 @@ rpc_on_view_key(const char* data, rpc_callback_t *callback)
     const char *vk = json_object_get_string(key);
     hex_to_bin(vk, strlen(vk), &sec_view[0], 32);
     json_object_put(root);
-
-    uint64_t prefix;
-    parse_address(config.pool_wallet, &prefix, &pub_spend[0]);
 }
 
 static void
@@ -2087,12 +2085,17 @@ client_on_login(json_object *message, client_t *client)
     }
 
     const char *address = json_object_get_string(login);
-    uint64_t prefix;
-    parse_address(address, &prefix, NULL);
-    if (prefix != MAINNET_ADDRESS_PREFIX && prefix != TESTNET_ADDRESS_PREFIX)
+    uint8_t nt;
+    if (parse_address(address, NULL, &nt, NULL))
     {
         send_validation_error(client,
-                "login only main wallet addresses are supported");
+                "Invalid address");
+        return;
+    }
+    if (nt != nettype)
+    {
+        send_validation_error(client,
+                "Invalid address network type");
         return;
     }
 
@@ -2790,6 +2793,11 @@ read_config(const char *config_file)
         log_fatal("No pool wallet supplied. Aborting.");
         exit(-1);
     }
+    if (parse_address(config.pool_wallet, NULL, &nettype, &pub_spend[0]))
+    {
+        log_fatal("Invalid pool wallet");
+        exit(-1);
+    }
     if (!config.wallet_rpc_host[0] || config.wallet_rpc_port == 0)
     {
         log_fatal("Both wallet-rpc-host and wallet-rpc-port need setting. "
diff --git a/src/xmr.cpp b/src/xmr.cpp
index 7dba738..6dca004 100644
--- a/src/xmr.cpp
+++ b/src/xmr.cpp
@@ -45,6 +45,7 @@ developers.
 #include "cryptonote_basic/difficulty.h"
 #include "crypto/crypto.h"
 #include "crypto/hash.h"
+#include "cryptonote_config.h"
 #include "serialization/binary_utils.h"
 #include "ringct/rctSigs.h"
 #include "common/base58.h"
@@ -56,6 +57,33 @@ developers.
 using namespace epee::string_tools;
 using namespace cryptonote;
 using namespace crypto;
+using namespace config;
+
+static int nettype_from_prefix(uint8_t *nettype, uint64_t prefix)
+{
+    static const struct { cryptonote::network_type type; uint64_t prefix; } nettype_prefix[] = {
+        { MAINNET, CRYPTONOTE_PUBLIC_ADDRESS_BASE58_PREFIX },
+        { MAINNET, CRYPTONOTE_PUBLIC_INTEGRATED_ADDRESS_BASE58_PREFIX },
+        { MAINNET, CRYPTONOTE_PUBLIC_SUBADDRESS_BASE58_PREFIX },
+        { TESTNET, testnet::CRYPTONOTE_PUBLIC_ADDRESS_BASE58_PREFIX },
+        { TESTNET, testnet::CRYPTONOTE_PUBLIC_INTEGRATED_ADDRESS_BASE58_PREFIX },
+        { TESTNET, testnet::CRYPTONOTE_PUBLIC_SUBADDRESS_BASE58_PREFIX },
+        { STAGENET, stagenet::CRYPTONOTE_PUBLIC_ADDRESS_BASE58_PREFIX },
+        { STAGENET, stagenet::CRYPTONOTE_PUBLIC_INTEGRATED_ADDRESS_BASE58_PREFIX },
+        { STAGENET, stagenet::CRYPTONOTE_PUBLIC_SUBADDRESS_BASE58_PREFIX }
+    };
+    int rv = XMR_MISMATCH_ERROR;
+    for (auto ntp : nettype_prefix)
+    {
+        if (ntp.prefix == prefix)
+        {
+            rv = XMR_NO_ERROR;
+            *nettype = ntp.type;
+            break;
+        }
+    }
+    return rv;
+}
 
 int get_hashing_blob(const unsigned char *input, const size_t in_size,
         unsigned char **output, size_t *out_size)
@@ -75,23 +103,25 @@ int get_hashing_blob(const unsigned char *input, const size_t in_size,
 }
 
 int parse_address(const char *input, uint64_t *prefix,
-        unsigned char *pub_spend)
+        uint8_t *nettype, unsigned char *pub_spend)
 {
     uint64_t tag;
     std::string decoded;
-    bool rv = tools::base58::decode_addr(input, tag, decoded);
-    if (rv)
-    {
+    if (!tools::base58::decode_addr(input, tag, decoded))
+        return XMR_PARSE_ERROR;
+    if (prefix)
         *prefix = tag;
-        if (pub_spend != NULL)
-        {
-            account_public_address address;
-            ::serialization::parse_binary(decoded, address);
-            public_key S = address.m_spend_public_key;
-            memcpy(pub_spend, &S, 32);
-        }
+    if (nettype && nettype_from_prefix(nettype, tag))
+        return XMR_MISMATCH_ERROR;
+    if (pub_spend)
+    {
+        account_public_address address;
+        if (!::serialization::parse_binary(decoded, address))
+            return XMR_PARSE_ERROR;
+        public_key S = address.m_spend_public_key;
+        memcpy(pub_spend, &S, 32);
     }
-    return rv ? XMR_NO_ERROR : XMR_PARSE_ERROR;
+    return XMR_NO_ERROR;
 }
 
 int get_block_hash(const unsigned char *input, const size_t in_size,
diff --git a/src/xmr.h b/src/xmr.h
index a1c7614..dad20b6 100644
--- a/src/xmr.h
+++ b/src/xmr.h
@@ -53,7 +53,7 @@ enum xmr_error
 int get_hashing_blob(const unsigned char *input, const size_t in_size,
         unsigned char **output, size_t *out_size);
 int parse_address(const char *input, uint64_t *prefix,
-        unsigned char *pub_spend);
+        uint8_t *nettype, unsigned char *pub_spend);
 int get_block_hash(const unsigned char *input, const size_t in_size,
         unsigned char *output);
 void get_hash(const unsigned char *input, const size_t in_size,