mirror of
https://github.com/XRPLF/rippled.git
synced 2025-11-18 10:05:51 +00:00
Compare commits
2 Commits
gregtatcam
...
ximinez/le
| Author | SHA1 | Date | |
|---|---|---|---|
|
8dbb933306 | ||
|
|
248d267f21 |
@@ -13,6 +13,15 @@ class Number;
|
||||
std::string
|
||||
to_string(Number const& amount);
|
||||
|
||||
template <typename T>
|
||||
constexpr bool
|
||||
isPowerOfTen(T value)
|
||||
{
|
||||
while (value >= 10 && value % 10 == 0)
|
||||
value /= 10;
|
||||
return value == 1;
|
||||
}
|
||||
|
||||
class Number
|
||||
{
|
||||
using rep = std::int64_t;
|
||||
@@ -21,8 +30,13 @@ class Number
|
||||
|
||||
public:
|
||||
// The range for the mantissa when normalized
|
||||
constexpr static std::int64_t minMantissa = 1'000'000'000'000'000LL;
|
||||
constexpr static std::int64_t maxMantissa = 9'999'999'999'999'999LL;
|
||||
constexpr static rep minMantissa = 1'000'000'000'000'000LL;
|
||||
static_assert(isPowerOfTen(minMantissa));
|
||||
constexpr static rep maxMantissa = minMantissa * 10 - 1;
|
||||
static_assert(maxMantissa == 9'999'999'999'999'999LL);
|
||||
|
||||
constexpr static rep maxIntValue = maxMantissa / 100;
|
||||
static_assert(maxIntValue == 99'999'999'999'999LL);
|
||||
|
||||
// The range for the exponent when normalized
|
||||
constexpr static int minExponent = -32768;
|
||||
@@ -404,6 +418,12 @@ public:
|
||||
operator=(NumberRoundModeGuard const&) = delete;
|
||||
};
|
||||
|
||||
class NumberOverflow : public std::overflow_error
|
||||
{
|
||||
public:
|
||||
using overflow_error::overflow_error;
|
||||
};
|
||||
|
||||
} // namespace ripple
|
||||
|
||||
#endif // XRPL_BASICS_NUMBER_H_INCLUDED
|
||||
|
||||
@@ -84,6 +84,19 @@ public:
|
||||
return holds<Issue>() && get<Issue>().native();
|
||||
}
|
||||
|
||||
bool
|
||||
integral() const
|
||||
{
|
||||
return std::visit(
|
||||
[]<ValidIssueType TIss>(TIss const& issue) {
|
||||
if constexpr (std::is_same_v<TIss, Issue>)
|
||||
return issue.native();
|
||||
if constexpr (std::is_same_v<TIss, MPTIssue>)
|
||||
return true;
|
||||
},
|
||||
issue_);
|
||||
}
|
||||
|
||||
friend constexpr bool
|
||||
operator==(Asset const& lhs, Asset const& rhs);
|
||||
|
||||
|
||||
@@ -155,6 +155,9 @@ public:
|
||||
int
|
||||
exponent() const noexcept;
|
||||
|
||||
bool
|
||||
integral() const noexcept;
|
||||
|
||||
bool
|
||||
native() const noexcept;
|
||||
|
||||
@@ -435,6 +438,12 @@ STAmount::exponent() const noexcept
|
||||
return mOffset;
|
||||
}
|
||||
|
||||
inline bool
|
||||
STAmount::integral() const noexcept
|
||||
{
|
||||
return mAsset.integral();
|
||||
}
|
||||
|
||||
inline bool
|
||||
STAmount::native() const noexcept
|
||||
{
|
||||
@@ -553,7 +562,7 @@ STAmount::clear()
|
||||
{
|
||||
// The -100 is used to allow 0 to sort less than a small positive values
|
||||
// which have a negative exponent.
|
||||
mOffset = native() ? 0 : -100;
|
||||
mOffset = integral() ? 0 : -100;
|
||||
mValue = 0;
|
||||
mIsNegative = false;
|
||||
}
|
||||
|
||||
@@ -24,6 +24,10 @@ class STNumber : public STBase, public CountedObject<STNumber>
|
||||
{
|
||||
private:
|
||||
Number value_;
|
||||
// isInteger_ is not serialized or transmitted in any way. It is used only
|
||||
// for internal validation of integer types. It is a one-way switch. Once
|
||||
// it's on, it stays on.
|
||||
bool isInteger_ = false;
|
||||
|
||||
public:
|
||||
using value_type = Number;
|
||||
@@ -51,6 +55,35 @@ public:
|
||||
return *this;
|
||||
}
|
||||
|
||||
// Tell the STNumber whether the value it is holding represents an integer,
|
||||
// and must fit within the allowable range.
|
||||
void
|
||||
usesAsset(Asset const& a);
|
||||
// The asset isn't stored, only whether it's an integral type. Get that flag
|
||||
// back out.
|
||||
bool
|
||||
isIntegral() const;
|
||||
// Returns whether the value fits within Number::maxIntValue. Transactors
|
||||
// should check this whenever interacting with an STNumber.
|
||||
bool
|
||||
safeNumber() const;
|
||||
/// Combines usesAsset(a) and safeNumber()
|
||||
static std::int64_t
|
||||
safeNumberLimit();
|
||||
bool
|
||||
safeNumber(Asset const& a);
|
||||
// Returns whether the value fits within Number::maxMantissa. Transactors
|
||||
// may check this, too, but are not required to. It will be checked when
|
||||
// serializing, and will throw if false, thus preventing the value from
|
||||
// being silently truncated.
|
||||
bool
|
||||
validNumber() const;
|
||||
/// Combines usesAsset(a) and validAsset()
|
||||
bool
|
||||
validNumber(Asset const& a);
|
||||
static std::int64_t
|
||||
validNumberLimit();
|
||||
|
||||
bool
|
||||
isEquivalent(STBase const& t) const override;
|
||||
bool
|
||||
|
||||
@@ -482,9 +482,15 @@ public:
|
||||
value_type
|
||||
operator*() const;
|
||||
|
||||
/// Do not use operator->() unless the field is required, or you've checked
|
||||
/// that it's set.
|
||||
T const*
|
||||
operator->() const;
|
||||
|
||||
/// Access the underlying STObject without necessarily dereferencing it
|
||||
T*
|
||||
stValue() const;
|
||||
|
||||
protected:
|
||||
STObject* st_;
|
||||
SOEStyle style_;
|
||||
@@ -718,11 +724,21 @@ STObject::Proxy<T>::operator*() const -> value_type
|
||||
return this->value();
|
||||
}
|
||||
|
||||
/// Do not use operator->() unless the field is required, or you've checked that
|
||||
/// it's set.
|
||||
template <class T>
|
||||
T const*
|
||||
STObject::Proxy<T>::operator->() const
|
||||
{
|
||||
return this->find();
|
||||
return stValue();
|
||||
}
|
||||
|
||||
/// Access the underlying STObject without necessarily dereferencing it
|
||||
template <class T>
|
||||
T*
|
||||
STObject::Proxy<T>::stValue() const
|
||||
{
|
||||
return dynamic_cast<T*>(st_->getPField(*f_));
|
||||
}
|
||||
|
||||
template <class T>
|
||||
|
||||
@@ -23,6 +23,7 @@ systemName()
|
||||
|
||||
/** Number of drops in the genesis account. */
|
||||
constexpr XRPAmount INITIAL_XRP{100'000'000'000 * DROPS_PER_XRP};
|
||||
static_assert(INITIAL_XRP.drops() == 100'000'000'000'000'000);
|
||||
|
||||
/** Returns true if the amount does not exceed the initial XRP in existence. */
|
||||
inline bool
|
||||
|
||||
@@ -479,10 +479,10 @@ LEDGER_ENTRY(ltVAULT, 0x0084, Vault, vault, ({
|
||||
{sfAccount, soeREQUIRED},
|
||||
{sfData, soeOPTIONAL},
|
||||
{sfAsset, soeREQUIRED},
|
||||
{sfAssetsTotal, soeREQUIRED},
|
||||
{sfAssetsAvailable, soeREQUIRED},
|
||||
{sfAssetsTotal, soeDEFAULT},
|
||||
{sfAssetsAvailable, soeDEFAULT},
|
||||
{sfAssetsMaximum, soeDEFAULT},
|
||||
{sfLossUnrealized, soeREQUIRED},
|
||||
{sfLossUnrealized, soeDEFAULT},
|
||||
{sfShareMPTID, soeREQUIRED},
|
||||
{sfWithdrawalPolicy, soeREQUIRED},
|
||||
{sfScale, soeDEFAULT},
|
||||
|
||||
@@ -12,6 +12,7 @@
|
||||
#include <xrpl/protocol/SField.h>
|
||||
#include <xrpl/protocol/STBase.h>
|
||||
#include <xrpl/protocol/STLedgerEntry.h>
|
||||
#include <xrpl/protocol/STNumber.h>
|
||||
#include <xrpl/protocol/STObject.h>
|
||||
#include <xrpl/protocol/Serializer.h>
|
||||
#include <xrpl/protocol/jss.h>
|
||||
@@ -67,6 +68,32 @@ STLedgerEntry::setSLEType()
|
||||
|
||||
type_ = format->getType();
|
||||
applyTemplate(format->getSOTemplate()); // May throw
|
||||
|
||||
// Per object type overrides
|
||||
// Currently only covers STNumber fields to link them to appropriate assets
|
||||
switch (type_)
|
||||
{
|
||||
case ltVAULT: {
|
||||
auto const asset = at(sfAsset);
|
||||
for (auto const& field :
|
||||
{~sfAssetsAvailable,
|
||||
~sfAssetsTotal,
|
||||
~sfAssetsMaximum,
|
||||
~sfLossUnrealized})
|
||||
{
|
||||
if (auto proxy = at(field))
|
||||
if (auto stNumber = proxy.stValue())
|
||||
stNumber->usesAsset(asset);
|
||||
}
|
||||
}
|
||||
/*
|
||||
// TODO: If possible, set up the loan-related STNumber fields, too.
|
||||
// May not be possible because we don't have a view available.
|
||||
|
||||
case ltLOAN_BROKER:
|
||||
case ltLOAN:
|
||||
*/
|
||||
}
|
||||
}
|
||||
|
||||
std::string
|
||||
|
||||
@@ -50,6 +50,8 @@ STNumber::add(Serializer& s) const
|
||||
XRPL_ASSERT(
|
||||
getFName().fieldType == getSType(),
|
||||
"ripple::STNumber::add : field type match");
|
||||
if (!validNumber())
|
||||
throw NumberOverflow(to_string(value_));
|
||||
s.add64(value_.mantissa());
|
||||
s.add32(value_.exponent());
|
||||
}
|
||||
@@ -66,6 +68,87 @@ STNumber::setValue(Number const& v)
|
||||
value_ = v;
|
||||
}
|
||||
|
||||
// Tell the STNumber whether the value it is holding represents an integer, and
|
||||
// must fit within the allowable range.
|
||||
void
|
||||
STNumber::usesAsset(Asset const& a)
|
||||
{
|
||||
XRPL_ASSERT_PARTS(
|
||||
!isInteger_ || a.integral(),
|
||||
"ripple::STNumber::value",
|
||||
"asset check only gets stricter");
|
||||
// isInteger_ is a one-way switch. Once it's on, it stays on.
|
||||
if (isInteger_)
|
||||
return;
|
||||
isInteger_ = a.integral();
|
||||
}
|
||||
|
||||
bool
|
||||
STNumber::isIntegral() const
|
||||
{
|
||||
return isInteger_;
|
||||
}
|
||||
|
||||
// Returns whether the value fits within Number::maxIntValue. Transactors
|
||||
// should check this whenever interacting with an STNumber.
|
||||
bool
|
||||
STNumber::safeNumber() const
|
||||
{
|
||||
if (!isInteger_)
|
||||
return true;
|
||||
|
||||
static Number const max = safeNumberLimit();
|
||||
static Number const maxNeg = -max;
|
||||
// Avoid making a copy
|
||||
if (value_ < 0)
|
||||
return value_ >= maxNeg;
|
||||
return value_ <= max;
|
||||
}
|
||||
|
||||
bool
|
||||
STNumber::safeNumber(Asset const& a)
|
||||
{
|
||||
usesAsset(a);
|
||||
return safeNumber();
|
||||
}
|
||||
|
||||
std::int64_t
|
||||
STNumber::safeNumberLimit()
|
||||
{
|
||||
return Number::maxIntValue;
|
||||
}
|
||||
|
||||
// Returns whether the value fits within Number::maxMantissa. Transactors
|
||||
// may check this, too, but are not required to. It will be checked when
|
||||
// serializing, and will throw if false, thus preventing the value from
|
||||
// being silently truncated.
|
||||
bool
|
||||
STNumber::validNumber() const
|
||||
{
|
||||
if (!isInteger_)
|
||||
return true;
|
||||
|
||||
static Number const max = validNumberLimit();
|
||||
static Number const maxNeg = -max;
|
||||
// Avoid making a copy
|
||||
if (value_ < 0)
|
||||
return value_ >= maxNeg;
|
||||
return value_ <= max;
|
||||
}
|
||||
|
||||
bool
|
||||
STNumber::validNumber(Asset const& a)
|
||||
{
|
||||
usesAsset(a);
|
||||
return validNumber();
|
||||
}
|
||||
|
||||
std::int64_t
|
||||
STNumber::validNumberLimit()
|
||||
{
|
||||
return Number::maxMantissa;
|
||||
}
|
||||
|
||||
STBase*
|
||||
STNumber::copy(std::size_t n, void* buf) const
|
||||
{
|
||||
|
||||
@@ -1384,7 +1384,7 @@ private:
|
||||
// equal asset deposit: unit test to exercise the rounding-down of
|
||||
// LPTokens in the AMMHelpers.cpp: adjustLPTokens calculations
|
||||
// The LPTokens need to have 16 significant digits and a fractional part
|
||||
for (Number const deltaLPTokens :
|
||||
for (Number const& deltaLPTokens :
|
||||
{Number{UINT64_C(100000'0000000009), -10},
|
||||
Number{UINT64_C(100000'0000000001), -10}})
|
||||
{
|
||||
|
||||
@@ -4525,7 +4525,8 @@ class Vault_test : public beast::unit_test::suite
|
||||
BEAST_EXPECT(checkString(vault, sfAssetsAvailable, "50"));
|
||||
BEAST_EXPECT(checkString(vault, sfAssetsMaximum, "1000"));
|
||||
BEAST_EXPECT(checkString(vault, sfAssetsTotal, "50"));
|
||||
BEAST_EXPECT(checkString(vault, sfLossUnrealized, "0"));
|
||||
// Since this field is default, it is not returned.
|
||||
BEAST_EXPECT(!vault.isMember(sfLossUnrealized.getJsonName()));
|
||||
|
||||
auto const strShareID = strHex(sle->at(sfShareMPTID));
|
||||
BEAST_EXPECT(checkString(vault, sfShareMPTID, strShareID));
|
||||
|
||||
@@ -2164,6 +2164,28 @@ ValidAMM::finalize(
|
||||
|
||||
//------------------------------------------------------------------------------
|
||||
|
||||
ValidVault::NumberInfo
|
||||
ValidVault::NumberInfo::make(
|
||||
SLE const& from,
|
||||
SF_NUMBER const& field,
|
||||
Asset const& asset)
|
||||
{
|
||||
bool valid = true;
|
||||
|
||||
// Poke around in the internals of STObject to get the STNumber object
|
||||
if (auto const stNumber =
|
||||
dynamic_cast<STNumber const*>(from.peekAtPField(field)))
|
||||
valid = stNumber->isIntegral() == asset.integral() &&
|
||||
stNumber->validNumber();
|
||||
|
||||
return {.n = from.at(field), .valid = valid};
|
||||
}
|
||||
|
||||
ValidVault::NumberInfo::operator Number const&() const
|
||||
{
|
||||
return n;
|
||||
}
|
||||
|
||||
ValidVault::Vault
|
||||
ValidVault::Vault::make(SLE const& from)
|
||||
{
|
||||
@@ -2176,10 +2198,11 @@ ValidVault::Vault::make(SLE const& from)
|
||||
self.asset = from.at(sfAsset);
|
||||
self.pseudoId = from.getAccountID(sfAccount);
|
||||
self.shareMPTID = from.getFieldH192(sfShareMPTID);
|
||||
self.assetsTotal = from.at(sfAssetsTotal);
|
||||
self.assetsAvailable = from.at(sfAssetsAvailable);
|
||||
self.assetsMaximum = from.at(sfAssetsMaximum);
|
||||
self.lossUnrealized = from.at(sfLossUnrealized);
|
||||
self.assetsTotal = NumberInfo::make(from, sfAssetsTotal, self.asset);
|
||||
self.assetsAvailable =
|
||||
NumberInfo::make(from, sfAssetsAvailable, self.asset);
|
||||
self.assetsMaximum = NumberInfo::make(from, sfAssetsMaximum, self.asset);
|
||||
self.lossUnrealized = NumberInfo::make(from, sfLossUnrealized, self.asset);
|
||||
return self;
|
||||
}
|
||||
|
||||
@@ -2413,6 +2436,17 @@ ValidVault::finalize(
|
||||
beforeVault_.empty() || beforeVault_[0].key == afterVault.key,
|
||||
"ripple::ValidVault::finalize : single vault operation");
|
||||
|
||||
if (!afterVault.assetsTotal.valid || !afterVault.assetsAvailable.valid ||
|
||||
!afterVault.assetsMaximum.valid || !afterVault.lossUnrealized.valid)
|
||||
{
|
||||
JLOG(j.fatal()) << "Invariant failed: vault overflowed maximum current "
|
||||
"representable integer value";
|
||||
XRPL_ASSERT(
|
||||
enforce,
|
||||
"ripple::ValidVault::finalize : vault integer limit invariant");
|
||||
return !enforce; // That's all we can do here
|
||||
}
|
||||
|
||||
auto const updatedShares = [&]() -> std::optional<Shares> {
|
||||
// At this moment we only know that a vault is being updated and there
|
||||
// might be some MPTokenIssuance objects which are also updated in the
|
||||
@@ -2487,7 +2521,7 @@ ValidVault::finalize(
|
||||
result = false;
|
||||
}
|
||||
|
||||
if (afterVault.assetsAvailable > afterVault.assetsTotal)
|
||||
if (afterVault.assetsAvailable.n > afterVault.assetsTotal)
|
||||
{
|
||||
JLOG(j.fatal()) << "Invariant failed: assets available must "
|
||||
"not be greater than assets outstanding";
|
||||
@@ -2528,7 +2562,7 @@ ValidVault::finalize(
|
||||
}
|
||||
|
||||
if (!beforeVault_.empty() &&
|
||||
afterVault.lossUnrealized != beforeVault_[0].lossUnrealized)
|
||||
afterVault.lossUnrealized.n != beforeVault_[0].lossUnrealized)
|
||||
{
|
||||
JLOG(j.fatal()) << //
|
||||
"Invariant failed: vault transaction must not change loss "
|
||||
@@ -2698,7 +2732,7 @@ ValidVault::finalize(
|
||||
result = false;
|
||||
}
|
||||
|
||||
if (beforeVault.assetsTotal != afterVault.assetsTotal)
|
||||
if (beforeVault.assetsTotal.n != afterVault.assetsTotal)
|
||||
{
|
||||
JLOG(j.fatal()) << //
|
||||
"Invariant failed: set must not change assets "
|
||||
@@ -2707,7 +2741,7 @@ ValidVault::finalize(
|
||||
}
|
||||
|
||||
if (afterVault.assetsMaximum > zero &&
|
||||
afterVault.assetsTotal > afterVault.assetsMaximum)
|
||||
afterVault.assetsTotal.n > afterVault.assetsMaximum)
|
||||
{
|
||||
JLOG(j.fatal()) << //
|
||||
"Invariant failed: set assets outstanding must not "
|
||||
@@ -2715,7 +2749,7 @@ ValidVault::finalize(
|
||||
result = false;
|
||||
}
|
||||
|
||||
if (beforeVault.assetsAvailable != afterVault.assetsAvailable)
|
||||
if (beforeVault.assetsAvailable.n != afterVault.assetsAvailable)
|
||||
{
|
||||
JLOG(j.fatal()) << //
|
||||
"Invariant failed: set must not change assets "
|
||||
@@ -2803,7 +2837,7 @@ ValidVault::finalize(
|
||||
}
|
||||
|
||||
if (afterVault.assetsMaximum > zero &&
|
||||
afterVault.assetsTotal > afterVault.assetsMaximum)
|
||||
afterVault.assetsTotal.n > afterVault.assetsMaximum)
|
||||
{
|
||||
JLOG(j.fatal()) << //
|
||||
"Invariant failed: deposit assets outstanding must not "
|
||||
|
||||
@@ -5,6 +5,7 @@
|
||||
#include <xrpl/basics/base_uint.h>
|
||||
#include <xrpl/beast/utility/Journal.h>
|
||||
#include <xrpl/protocol/MPTIssue.h>
|
||||
#include <xrpl/protocol/SField.h>
|
||||
#include <xrpl/protocol/STLedgerEntry.h>
|
||||
#include <xrpl/protocol/STTx.h>
|
||||
#include <xrpl/protocol/TER.h>
|
||||
@@ -738,16 +739,38 @@ class ValidVault
|
||||
{
|
||||
Number static constexpr zero{};
|
||||
|
||||
struct Vault;
|
||||
|
||||
struct NumberInfo final
|
||||
{
|
||||
Number n;
|
||||
bool valid;
|
||||
|
||||
// Make this Number wrapper as transparent as possible, except when
|
||||
// checking validity. However, rather than fleshing out all the
|
||||
// comparison operators, etc, a few places will still need to specify
|
||||
// "n".
|
||||
operator Number const&() const;
|
||||
|
||||
private:
|
||||
friend class ValidVault::Vault;
|
||||
|
||||
NumberInfo static make(
|
||||
SLE const& from,
|
||||
SF_NUMBER const& field,
|
||||
Asset const& asset);
|
||||
};
|
||||
|
||||
struct Vault final
|
||||
{
|
||||
uint256 key = beast::zero;
|
||||
Asset asset = {};
|
||||
AccountID pseudoId = {};
|
||||
uint192 shareMPTID = beast::zero;
|
||||
Number assetsTotal = 0;
|
||||
Number assetsAvailable = 0;
|
||||
Number assetsMaximum = 0;
|
||||
Number lossUnrealized = 0;
|
||||
NumberInfo assetsTotal{0, true};
|
||||
NumberInfo assetsAvailable{0, true};
|
||||
NumberInfo assetsMaximum{0, true};
|
||||
NumberInfo lossUnrealized{0, true};
|
||||
|
||||
Vault static make(SLE const&);
|
||||
};
|
||||
|
||||
@@ -193,7 +193,28 @@ VaultCreate::doApply()
|
||||
vault->at(sfLossUnrealized) = Number(0);
|
||||
// Leave default values for AssetTotal and AssetAvailable, both zero.
|
||||
if (auto value = tx[~sfAssetsMaximum])
|
||||
vault->at(sfAssetsMaximum) = *value;
|
||||
{
|
||||
auto assetsMaximumProxy = vault->at(~sfAssetsMaximum);
|
||||
assetsMaximumProxy = *value;
|
||||
if (auto const stNumber = assetsMaximumProxy.stValue();
|
||||
stNumber && !stNumber->validNumber(asset))
|
||||
{
|
||||
JLOG(j_.warn()) << "VaultCreate: Invalid assets maximum value for "
|
||||
"integral asset type: "
|
||||
<< *value << " > " << STNumber::validNumberLimit();
|
||||
return tecPRECISION_LOSS;
|
||||
}
|
||||
}
|
||||
// TODO: Should integral types automatically set a limit to the
|
||||
// Number::validNumberLimit() value? Or safeNumberLimit()?
|
||||
/*
|
||||
else if (asset.integral())
|
||||
{
|
||||
auto assetsMaximumProxy = vault->at(~sfAssetsMaximum);
|
||||
assetsMaximumProxy = STNumber::validNumberLimit();
|
||||
assetsMaximumProxy.stValue()->usesAsset(asset);
|
||||
}
|
||||
*/
|
||||
vault->at(sfShareMPTID) = mptIssuanceID;
|
||||
if (auto value = tx[~sfData])
|
||||
vault->at(sfData) = *value;
|
||||
|
||||
@@ -260,13 +260,43 @@ VaultDeposit::doApply()
|
||||
sharesCreated.asset() != assetsDeposited.asset(),
|
||||
"ripple::VaultDeposit::doApply : assets are not shares");
|
||||
|
||||
vault->at(sfAssetsTotal) += assetsDeposited;
|
||||
vault->at(sfAssetsAvailable) += assetsDeposited;
|
||||
auto assetsTotalProxy = vault->at(sfAssetsTotal);
|
||||
auto assetsAvailableProxy = vault->at(sfAssetsAvailable);
|
||||
|
||||
assetsTotalProxy += assetsDeposited;
|
||||
assetsAvailableProxy += assetsDeposited;
|
||||
view().update(vault);
|
||||
|
||||
auto const asset = *vault->at(sfAsset);
|
||||
if (auto stNumber = assetsTotalProxy.stValue();
|
||||
stNumber && !stNumber->safeNumber(asset))
|
||||
{
|
||||
JLOG(j_.warn()) << "VaultDeposit: Invalid assets total value for "
|
||||
"integral asset type: "
|
||||
<< *assetsTotalProxy << " > "
|
||||
<< STNumber::safeNumberLimit();
|
||||
return tecPRECISION_LOSS;
|
||||
}
|
||||
if (auto stNumber = assetsAvailableProxy.stValue();
|
||||
stNumber && !stNumber->safeNumber(asset))
|
||||
{
|
||||
// LCOV_EXCL_START
|
||||
// This should be impossible to reach because total should never be less
|
||||
// than available, so if total is ok, available should be ok.
|
||||
UNREACHABLE(
|
||||
"ripple::VaultDeposit::doApply() : AssetsAvailable exceeds "
|
||||
"AssetsTotal");
|
||||
JLOG(j_.warn()) << "VaultDeposit: Invalid assets available value for "
|
||||
"integral asset type: "
|
||||
<< *assetsAvailableProxy << " > "
|
||||
<< STNumber::safeNumberLimit();
|
||||
return tecPRECISION_LOSS;
|
||||
// LCOV_EXCL_STOP
|
||||
}
|
||||
|
||||
// A deposit must not push the vault over its limit.
|
||||
auto const maximum = *vault->at(sfAssetsMaximum);
|
||||
if (maximum != 0 && *vault->at(sfAssetsTotal) > maximum)
|
||||
if (maximum != 0 && *assetsTotalProxy > maximum)
|
||||
return tecLIMIT_EXCEEDED;
|
||||
|
||||
// Transfer assets from depositor to vault.
|
||||
|
||||
@@ -143,7 +143,19 @@ VaultSet::doApply()
|
||||
if (tx[sfAssetsMaximum] != 0 &&
|
||||
tx[sfAssetsMaximum] < *vault->at(sfAssetsTotal))
|
||||
return tecLIMIT_EXCEEDED;
|
||||
vault->at(sfAssetsMaximum) = tx[sfAssetsMaximum];
|
||||
auto assetsMaximumProxy = vault->at(~sfAssetsMaximum);
|
||||
assetsMaximumProxy = tx[sfAssetsMaximum];
|
||||
if (auto const stNumber = assetsMaximumProxy.stValue();
|
||||
stNumber && !stNumber->validNumber(vault->at(sfAsset)))
|
||||
{
|
||||
// LCOV_EXCL_START
|
||||
// This should be impossible, because invalid values would have been
|
||||
// stopped by `VaultCreate`.
|
||||
UNREACHABLE(
|
||||
"ripple::VaultSet::doApply : invalid assets maximum value");
|
||||
return tecLIMIT_EXCEEDED;
|
||||
// LCOV_EXCL_STOP
|
||||
}
|
||||
}
|
||||
|
||||
if (auto const domainId = tx[~sfDomainID]; domainId)
|
||||
|
||||
Reference in New Issue
Block a user