search

XRPLF / rippled

Decentralized cryptocurrency blockchain daemon implementing the XRP Ledger protocol in C++
https://xrpl.org
ISC License
4.48k stars 1.45k forks source link

PriceOracle: get_aggregate_price method input field issues #4961

Open SaxenaKaustubh opened 3 months ago

SaxenaKaustubh commented 3 months ago

While calculating PriceOracle aggregate pricing using the get_aggregate_price method, I noticed the following issues:

  1. trim: A decimal value e.g. 1.2 gets truncated to int e.g.1.
  2. oracle_document_id: A decimal value e.g. 1.2 gets truncated to int e.g.1.
  3. There is no input validation on the oracle_document_id field for an input of None.
  4. There is no input validation on BaseAsset and QuoteAsset fields. All of the following values are acceptable:
    • None
    • "Invalid"
    • 123
    • -1
    • 0
    • 1.2
    • "0158415500000000C1F76FF6ECB0BAC600000000A"
    • "H"
    • "HB"
    • "HBAR"
    • ""