Address security finding #127 by validating address.
This just needs to be tested on detail views with a lot of transactions to be sure that rapid scrolling doesn't cause too much backpressure.
This commit is contained in:
parent
ebbe69125c
commit
340fb8c993
|
@ -224,6 +224,13 @@ class MainActivity : AppCompatActivity() {
|
|||
}
|
||||
}
|
||||
|
||||
suspend fun isValidAddress(address: String): Boolean {
|
||||
try {
|
||||
return !synchronizerComponent.synchronizer().validateAddress(address).isNotValid
|
||||
} catch (t: Throwable) { }
|
||||
return false
|
||||
}
|
||||
|
||||
fun copyText(textToCopy: String, label: String = "zECC Wallet Text") {
|
||||
clipboard.setPrimaryClip(
|
||||
ClipData.newPlainText(label, textToCopy)
|
||||
|
|
|
@ -3,6 +3,7 @@ package cash.z.ecc.android.ui.detail
|
|||
import android.view.View
|
||||
import android.widget.TextView
|
||||
import android.widget.Toast
|
||||
import androidx.lifecycle.lifecycleScope
|
||||
import androidx.recyclerview.widget.RecyclerView
|
||||
import cash.z.ecc.android.R
|
||||
import cash.z.ecc.android.ext.goneIf
|
||||
|
@ -14,6 +15,7 @@ import cash.z.ecc.android.ui.util.toUtf8Memo
|
|||
import cash.z.ecc.android.sdk.db.entity.ConfirmedTransaction
|
||||
import cash.z.ecc.android.sdk.ext.*
|
||||
import com.google.android.material.dialog.MaterialAlertDialogBuilder
|
||||
import kotlinx.coroutines.launch
|
||||
import java.nio.charset.Charset
|
||||
import java.text.SimpleDateFormat
|
||||
import java.util.*
|
||||
|
@ -27,8 +29,7 @@ class TransactionViewHolder<T : ConfirmedTransaction>(itemView: View) : Recycler
|
|||
private val formatter = SimpleDateFormat("M/d h:mma", Locale.getDefault())
|
||||
private val addressRegex = """zs\d\w{65,}""".toRegex()
|
||||
|
||||
fun bindTo(transaction: T?) {
|
||||
|
||||
fun bindTo(transaction: T?) = (itemView.context as MainActivity).lifecycleScope.launch {
|
||||
// update view
|
||||
var lineOne: String = ""
|
||||
var lineTwo: String = ""
|
||||
|
@ -97,19 +98,19 @@ class TransactionViewHolder<T : ConfirmedTransaction>(itemView: View) : Recycler
|
|||
shieldIcon.goneIf((transaction?.raw != null || transaction?.expiryHeight != null) && !transaction?.toAddress.isShielded())
|
||||
}
|
||||
|
||||
private fun getSender(transaction: ConfirmedTransaction): String {
|
||||
private suspend fun getSender(transaction: ConfirmedTransaction): String {
|
||||
val memo = transaction.memo.toUtf8Memo()
|
||||
return when {
|
||||
memo.contains(INCLUDE_MEMO_PREFIX) -> {
|
||||
val address = memo.split(INCLUDE_MEMO_PREFIX)[1].trim()
|
||||
val address = memo.split(INCLUDE_MEMO_PREFIX)[1].trim().validateAddress() ?: "Unknown"
|
||||
"${address.toAbbreviatedAddress()} paid you"
|
||||
}
|
||||
memo.contains("eply to:") -> {
|
||||
val address = memo.split("eply to:")[1].trim()
|
||||
val address = memo.split("eply to:")[1].trim().validateAddress() ?: "Unknown"
|
||||
"${address.toAbbreviatedAddress()} paid you"
|
||||
}
|
||||
memo.contains("zs") -> {
|
||||
val who = extractAddress(memo)?.toAbbreviatedAddress() ?: "Unknown"
|
||||
val who = extractAddress(memo).validateAddress()?.toAbbreviatedAddress() ?: "Unknown"
|
||||
"$who paid you"
|
||||
}
|
||||
else -> "Unknown paid you"
|
||||
|
@ -145,6 +146,11 @@ class TransactionViewHolder<T : ConfirmedTransaction>(itemView: View) : Recycler
|
|||
(itemView.context as MainActivity).copyText(it, "Transaction Address")
|
||||
}
|
||||
}
|
||||
|
||||
private suspend fun String?.validateAddress(): String? {
|
||||
if (this == null) return null
|
||||
return if ((itemView.context as MainActivity).isValidAddress(this)) this else null
|
||||
}
|
||||
}
|
||||
|
||||
private fun ByteArray.toTxId(): String {
|
||||
|
|
Loading…
Reference in New Issue