json: Add two param functions to parse string arrs and outpoint arrs

In a couple of places we accept arrays of strings and don't validate them. If we forward them, e.g., call a JSON-RPC method from the plugin, we end up embedding the unverified string in the JSON-RPC call without escaping, which then leads to invalid JSON being passed on. This at least partially causes #4238
2025-12-20 15:44:21 +01:00 · 2020-12-04 11:24:14 +01:00
parent eacc54646f
commit 32000b6660
6 changed files with 78 additions and 0 deletions
--- a/common/json_tok.c
+++ b/common/json_tok.c
@@ -501,3 +501,32 @@ struct command_result *param_psbt(struct command *cmd,
 	return command_fail_badparam(cmd, name, buffer, tok,
 				     "Expected a PSBT");
 }
+
+struct command_result *param_outpoint_arr(struct command *cmd,
+					  const char *name,
+					  const char *buffer,
+					  const jsmntok_t *tok,
+					  struct bitcoin_outpoint **outpoints)
+{
+	size_t i;
+	const jsmntok_t *curr;
+	if (tok->type != JSMN_ARRAY) {
+		return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
+				    "Could not decode the outpoint array for %s: "
+				    "\"%s\" is not a valid outpoint array.",
+				    name, json_strdup(tmpctx, buffer, tok));
+	}
+
+	*outpoints = tal_arr(cmd, struct bitcoin_outpoint, tok->size);
+
+	json_for_each_arr(i, curr, tok) {
+		struct bitcoin_outpoint op;
+		if (!json_to_outpoint(buffer, curr, &op))
+			return command_fail(cmd, JSONRPC2_INVALID_PARAMS,
+					    "Could not decode outpoint \"%.*s\", "
+					    "expected format: txid:output",
+					    json_tok_full_len(curr), json_tok_full(buffer, curr));
+		(*outpoints)[i] = op;
+	}
+	return NULL;
+}