From c37b2deb545a3969bc80c3d6007c7dff031a469e Mon Sep 17 00:00:00 2001 From: Lee *!* Clagett Date: Tue, 10 Sep 2024 14:46:21 -0400 Subject: [PATCH] Add equivalent check to validate admin endpoint (#131) --- src/rpc/admin.cpp | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/rpc/admin.cpp b/src/rpc/admin.cpp index c2498d7..925bf85 100644 --- a/src/rpc/admin.cpp +++ b/src/rpc/admin.cpp @@ -288,8 +288,14 @@ namespace lws { namespace rpc db::account_address address{}; crypto::secret_key view_key{}; - if (!convert_key(dest, address.spend_public, req.spend_public_hex, "spend_public_hex")) + if (req.spend_public_hex == req.view_public_hex) + { + output_error(dest, "spend_public_hex", "spend_public_hex and view_public_hex should not be equal"); return success(); // error is delivered in JSON as opposed to HTTP codes + } + + if (!convert_key(dest, address.spend_public, req.spend_public_hex, "spend_public_hex")) + return success(); if (!convert_key(dest, address.view_public, req.view_public_hex, "view_public_hex")) return success(); if (!convert_key(dest, unwrap(unwrap(view_key)), req.view_key_hex, "view_key_hex"))