From d195cfab50b42d26f3cf9436845838e075e959de Mon Sep 17 00:00:00 2001 From: frankiebee Date: Tue, 13 Mar 2018 15:13:05 -0700 Subject: [PATCH 1/6] transactions - insure if a to field in tx params has a truthy valu that it is a valid addres and if it is falsy that it is not null to fix issue #3509 --- app/scripts/lib/tx-gas-utils.js | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/app/scripts/lib/tx-gas-utils.js b/app/scripts/lib/tx-gas-utils.js index 6f6ff7852..e61db3332 100644 --- a/app/scripts/lib/tx-gas-utils.js +++ b/app/scripts/lib/tx-gas-utils.js @@ -4,7 +4,7 @@ const { BnMultiplyByFraction, bnToHex, } = require('./util') -const addHexPrefix = require('ethereumjs-util').addHexPrefix +const {addHexPrefix, isValidAddress} = require('ethereumjs-util') const SIMPLE_GAS_COST = '0x5208' // Hex for 21000, cost of a simple send. /* @@ -101,6 +101,12 @@ module.exports = class TxGasUtil { async validateTxParams (txParams) { this.validateRecipient(txParams) + if ('to' in txParams) { + if ( txParams.to === null ) delete txParams.to + else if ( txParams.to !== undefined && !isValidAddress(txParams.to) ) { + throw new Error(`Invalid transaction value of ${txParams.to} not a valid to address.`) + } + } if ('value' in txParams) { const value = txParams.value.toString() if (value.includes('-')) { From d7bf6e36b1f40068eec1d6c3d30207f3fae5cfde Mon Sep 17 00:00:00 2001 From: frankiebee Date: Tue, 13 Mar 2018 15:17:13 -0700 Subject: [PATCH 2/6] add to CHANGELOG.md --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index fdc7d7155..93380e64b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,7 @@ ## Current Master +- MetaMask will now throw an error if the `to` field in txParams is not valid and also will make sure that the two field is not `null` mucking up metamask - Allow adding custom tokens to classic ui when balance is 0 - Allow editing of symbol and decimal info when adding custom token in new-ui - NewUI shapeshift form can select all coins (not just BTC) From c465d510b100fdf9926413751df04cbd59de68eb Mon Sep 17 00:00:00 2001 From: frankiebee Date: Tue, 13 Mar 2018 15:26:45 -0700 Subject: [PATCH 3/6] fix error message --- app/scripts/lib/tx-gas-utils.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/scripts/lib/tx-gas-utils.js b/app/scripts/lib/tx-gas-utils.js index e61db3332..3b0494e04 100644 --- a/app/scripts/lib/tx-gas-utils.js +++ b/app/scripts/lib/tx-gas-utils.js @@ -104,7 +104,7 @@ module.exports = class TxGasUtil { if ('to' in txParams) { if ( txParams.to === null ) delete txParams.to else if ( txParams.to !== undefined && !isValidAddress(txParams.to) ) { - throw new Error(`Invalid transaction value of ${txParams.to} not a valid to address.`) + throw new Error(`Invalid recipient address`) } } if ('value' in txParams) { From 16deea3927b1e9695bd9c114f770344a2d55eb4e Mon Sep 17 00:00:00 2001 From: kumavis Date: Tue, 13 Mar 2018 15:29:33 -0700 Subject: [PATCH 4/6] changelog - update "txParams.to" validation note --- CHANGELOG.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1450a8c9f..80bef88b1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,8 @@ ## Current Master -- MetaMask will now throw an error if the `to` field in txParams is not valid and also will make sure that the two field is not `null` mucking up metamask +- Will now throw an error if the `to` field in txParams is not valid. +- Will strip null values from the `to` field. - Fix flashing to Log in screen after logging in or restoring from seed phrase. - Increase tap areas for menu buttons on mobile - Change all fonts in new-ui onboarding to Roboto, size 400 From e5a83d3f1a3ebe9115c07e162ee4bca0f157b8b1 Mon Sep 17 00:00:00 2001 From: frankiebee Date: Tue, 13 Mar 2018 15:32:03 -0700 Subject: [PATCH 5/6] transactions move validation of the to field to validateRecipient --- app/scripts/lib/tx-gas-utils.js | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/app/scripts/lib/tx-gas-utils.js b/app/scripts/lib/tx-gas-utils.js index 3b0494e04..a8f473a88 100644 --- a/app/scripts/lib/tx-gas-utils.js +++ b/app/scripts/lib/tx-gas-utils.js @@ -101,12 +101,6 @@ module.exports = class TxGasUtil { async validateTxParams (txParams) { this.validateRecipient(txParams) - if ('to' in txParams) { - if ( txParams.to === null ) delete txParams.to - else if ( txParams.to !== undefined && !isValidAddress(txParams.to) ) { - throw new Error(`Invalid recipient address`) - } - } if ('value' in txParams) { const value = txParams.value.toString() if (value.includes('-')) { @@ -119,12 +113,14 @@ module.exports = class TxGasUtil { } } validateRecipient (txParams) { - if (txParams.to === '0x') { + if (txParams.to === '0x' || txParams.to === null ) { if (txParams.data) { delete txParams.to } else { throw new Error('Invalid recipient address') } + } else if ( txParams.to !== undefined && !isValidAddress(txParams.to) ) { + throw new Error('Invalid recipient address') } return txParams } From 22cd7882038d05e51c5b76f2f4c76c15b2fd89f6 Mon Sep 17 00:00:00 2001 From: kumavis Date: Tue, 13 Mar 2018 15:39:33 -0700 Subject: [PATCH 6/6] tx-gas-utils - fix code style --- app/scripts/lib/tx-gas-utils.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/scripts/lib/tx-gas-utils.js b/app/scripts/lib/tx-gas-utils.js index a8f473a88..0fa9dd8d4 100644 --- a/app/scripts/lib/tx-gas-utils.js +++ b/app/scripts/lib/tx-gas-utils.js @@ -4,7 +4,7 @@ const { BnMultiplyByFraction, bnToHex, } = require('./util') -const {addHexPrefix, isValidAddress} = require('ethereumjs-util') +const { addHexPrefix, isValidAddress } = require('ethereumjs-util') const SIMPLE_GAS_COST = '0x5208' // Hex for 21000, cost of a simple send. /*