Add better validation to assetDataUtils

2019-07-10 17:31:46 -07:00
parent a569815840
commit d280ccb3c4
2 changed files with 56 additions and 7 deletions
--- a/packages/order-utils/src/asset_data_utils.ts
+++ b/packages/order-utils/src/asset_data_utils.ts
@@ -358,6 +358,7 @@ export const assetDataUtils = {
                }. Got ${assetData.length}`,
            );
        }
+        assetDataUtils.assertWordAlignedAssetData(assetData);
        const assetProxyId = assetDataUtils.decodeAssetProxyId(assetData);
        if (assetProxyId !== AssetProxyId.ERC20) {
            throw new Error(
@@ -379,6 +380,7 @@ export const assetDataUtils = {
                }. Got ${assetData.length}`,
            );
        }
+        assetDataUtils.assertWordAlignedAssetData(assetData);
        const assetProxyId = assetDataUtils.decodeAssetProxyId(assetData);
        if (assetProxyId !== AssetProxyId.ERC721) {
            throw new Error(
@@ -393,8 +395,22 @@ export const assetDataUtils = {
     * @param assetData Hex encoded assetData string
     */
    assertIsERC1155AssetData(assetData: string): void {
-        // If the asset data is correctly decoded then it is valid.
-        assetDataUtils.decodeERC1155AssetData(assetData);
+        if (assetData.length < constants.ERC1155_ASSET_DATA_MIN_CHAR_LENGTH_WITH_PREFIX) {
+            throw new Error(
+                `Could not decode ERC1155 Proxy Data. Expected length of encoded data to be at least ${
+                    constants.ERC1155_ASSET_DATA_MIN_CHAR_LENGTH_WITH_PREFIX
+                }. Got ${assetData.length}`,
+            );
+        }
+        assetDataUtils.assertWordAlignedAssetData(assetData);
+        const assetProxyId = assetDataUtils.decodeAssetProxyId(assetData);
+        if (assetProxyId !== AssetProxyId.ERC1155) {
+            throw new Error(
+                `Could not decode ERC1155 assetData. Expected assetProxyId to be ERC1155 (${
+                    AssetProxyId.ERC1155
+                }), but got ${assetProxyId}`,
+            );
+        }
    },
    /**
     * Throws if the length or assetProxyId are invalid for the MultiAssetProxy.
@@ -408,6 +424,7 @@ export const assetDataUtils = {
                }. Got ${assetData.length}`,
            );
        }
+        assetDataUtils.assertWordAlignedAssetData(assetData);
        const assetProxyId = assetDataUtils.decodeAssetProxyId(assetData);
        if (assetProxyId !== AssetProxyId.MultiAsset) {
            throw new Error(
@@ -422,7 +439,34 @@ export const assetDataUtils = {
     * @param assetData Hex encoded assetData string
     */
    assertIsStaticCallAssetData(assetData: string): void {
-        assetDataUtils.decodeStaticCallAssetData(assetData);
+        if (assetData.length < constants.STATIC_CALL_ASSET_DATA_MIN_CHAR_LENGTH_WITH_PREFIX) {
+            throw new Error(
+                `Could not decode StaticCall Proxy Data. Expected length of encoded data to be at least ${
+                    constants.STATIC_CALL_ASSET_DATA_MIN_CHAR_LENGTH_WITH_PREFIX
+                }. Got ${assetData.length}`,
+            );
+        }
+        assetDataUtils.assertWordAlignedAssetData(assetData);
+        const assetProxyId = assetDataUtils.decodeAssetProxyId(assetData);
+        if (assetProxyId !== AssetProxyId.StaticCall) {
+            throw new Error(
+                `Could not decode StaticCall assetData. Expected assetProxyId to be StaticCall (${
+                    AssetProxyId.StaticCall
+                }), but got ${assetProxyId}`,
+            );
+        }
+    },
+    /**
+     * Throws if the assetData is not padded to 32 bytes.
+     * @param assetData Hex encoded assetData string
+     */
+    assertWordAlignedAssetData(assetData: string): void {
+        const charsIn32Bytes = 64;
+        if ((assetData.length - constants.SELECTOR_CHAR_LENGTH_WITH_PREFIX) % charsIn32Bytes !== 0) {
+            throw new Error(
+                `assetData must be word aligned. ${(assetData.length - 2) / 2} is not a valid byte length.`,
+            );
+        }
    },
    /**
     * Throws if the length or assetProxyId are invalid for the corresponding AssetProxy.
@@ -470,6 +514,9 @@ export const assetDataUtils = {
            case AssetProxyId.MultiAsset:
                const multiAssetData = assetDataUtils.decodeMultiAssetData(assetData);
                return multiAssetData;
+            case AssetProxyId.StaticCall:
+                const staticCallData = assetDataUtils.decodeStaticCallAssetData(assetData);
+                return staticCallData;
            default:
                throw new Error(`Unrecognized asset proxy id: ${assetProxyId}`);
        }
--- a/packages/order-utils/src/constants.ts
+++ b/packages/order-utils/src/constants.ts
@@ -91,10 +91,12 @@ export const constants = {
    UNLIMITED_ALLOWANCE_IN_BASE_UNITS: new BigNumber(2).pow(256).minus(1),
    TESTRPC_NETWORK_ID: 50,
    ADDRESS_LENGTH: 20,
-    ERC20_ASSET_DATA_MIN_CHAR_LENGTH_WITH_PREFIX: 74,
-    ERC721_ASSET_DATA_MIN_CHAR_LENGTH_WITH_PREFIX: 136,
-    MULTI_ASSET_DATA_MIN_CHAR_LENGTH_WITH_PREFIX: 266,
-    SELECTOR_CHAR_LENGTH_WITH_PREFIX: 10,
+    ERC20_ASSET_DATA_MIN_CHAR_LENGTH_WITH_PREFIX: 74, // 36 bytes
+    ERC721_ASSET_DATA_MIN_CHAR_LENGTH_WITH_PREFIX: 138, // 68 bytes
+    ERC1155_ASSET_DATA_MIN_CHAR_LENGTH_WITH_PREFIX: 266, // 132 bytes
+    MULTI_ASSET_DATA_MIN_CHAR_LENGTH_WITH_PREFIX: 138, // 68 bytes
+    STATIC_CALL_ASSET_DATA_MIN_CHAR_LENGTH_WITH_PREFIX: 202, // 100 bytes
+    SELECTOR_CHAR_LENGTH_WITH_PREFIX: 10, // 4 bytes
    INFINITE_TIMESTAMP_SEC: new BigNumber(2524604400), // Close to infinite
    ZERO_AMOUNT: new BigNumber(0),
    EXCHANGE_DOMAIN_NAME: '0x Protocol',