diff --git a/src/rpc/common/Validators.cpp b/src/rpc/common/Validators.cpp
index 9952a1bd5..063b0008a 100644
--- a/src/rpc/common/Validators.cpp
+++ b/src/rpc/common/Validators.cpp
@@ -285,7 +285,7 @@ CustomValidator CustomValidators::AuthorizeCredentialValidator =
 if (authCred.empty()) {
 return Error{Status{
 ClioError::rpcMALFORMED_AUTHORIZED_CREDENTIALS,
- fmt::format("Requires at least one element in authorized_credentials array")
+ fmt::format("Requires at least one element in authorized_credentials array.")
 }};
 }
@@ -299,13 +299,19 @@ CustomValidator CustomValidators::AuthorizeCredentialValidator =
 }
 for (auto const& credObj : value.as_array()) {
+ if (!credObj.is_object()) {
+ return Error{Status{
+ ClioError::rpcMALFORMED_AUTHORIZED_CREDENTIALS,
+ "authorized_credentials elements in array are not objects."
+ }};
+ }
 auto const& obj = credObj.as_object();
 if (!obj.contains("issuer")) {
 return Error{
 Status{ClioError::rpcMALFORMED_AUTHORIZED_CREDENTIALS, "Field 'Issuer' is required but missing."}
 };
-}
+ }
 // don't want to change issuer error message to be about credentials
 if (!IssuerValidator.verify(credObj, "issuer"))
diff --git a/tests/unit/rpc/handlers/LedgerEntryTests.cpp b/tests/unit/rpc/handlers/LedgerEntryTests.cpp
index 82d1396e7..2ed44e5ad 100644
--- a/tests/unit/rpc/handlers/LedgerEntryTests.cpp
+++ b/tests/unit/rpc/handlers/LedgerEntryTests.cpp
@@ -222,6 +222,21 @@ generateTestValuesForParametersTest()
 "authorized_credentials not array"
 },
+ ParamTestCaseBundle{
+ "InvalidDepositPreauthJsonAuthorizeCredentialsMalformedString",
+ fmt::format(
+ R"({{
+ "deposit_preauth": {{
+ "owner": "{}",
+ "authorized_credentials": ["C2F2A19C8D0D893D18F18FDCFE13A3ECB41767E48422DF07F2455CDA08FDF09B"]
+ }}
+ }})",
+ ACCOUNT
+ ),
+ "malformedAuthorizedCredentials",
+ "authorized_credentials elements in array are not objects."
+ },
+
 ParamTestCaseBundle{
 "DepositPreauthBothAuthAndAuthCredentialsDoesNotExists",
 fmt::format(
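Review bot: The new `is_object()` guard at the top of the `for` loop carries no comment saying why it has to come before `credObj.as_object()`, and that ordering is the whole fix. The array elements are supplied by the request, and, assuming `value` is a Boost.JSON value, `as_object()` on a string or number throws rather than yielding `rpcMALFORMED_AUTHORIZED_CREDENTIALS`. I would put `// elements are request-supplied: check the kind before as_object(), which throws on a non-object` above the `if`. The loop body continues past the end of this hunk, so it is worth confirming that every later `as_*` accessor on fields of `obj` is preceded by a matching type check as well.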
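Review bot: The added `InvalidDepositPreauthJsonAuthorizeCredentialsMalformedString` bundle only pins a string at index 0, so it would still pass if the validator inspected just the first element or rejected only strings. A second bundle whose `authorized_credentials` array holds a well-formed credential object followed by a non-object such as `null` or a number would pin the per-element check. Assuming the first element passes the remaining checks, the expected values stay `"malformedAuthorizedCredentials"` and `"authorized_credentials elements in array are not objects."`. `generateTestValuesForParametersTest()` starts and ends outside this hunk, so an equivalent case may already exist elsewhere in the list.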
@@ -273,7 +288,7 @@ generateTestValuesForParametersTest()
 ACCOUNT
 ),
 "malformedAuthorizedCredentials",
- "Requires at least one element in authorized_credentials array"
+ "Requires at least one element in authorized_credentials array."
 },
 ParamTestCaseBundle{