Update levelization

.github/scripts/levelization/results/ordering.txt

@@ -161,6 +161,7 @@ test.peerfinder > xrpl.protocol
 test.protocol > test.jtx
 test.protocol > test.unit_test
 test.protocol > xrpl.basics
+test.protocol > xrpld.core
 test.protocol > xrpl.json
 test.protocol > xrpl.protocol
 test.resource > test.unit_test

src/test/app/LedgerReplay_test.cpp

@@ -939,6 +939,46 @@ struct LedgerReplayer_test : public beast::unit_test::Suite
             BEAST_EXPECT(!reply->has_error());
             BEAST_EXPECT(server.msgHandler.processProofPathResponse(reply));
 
+            {
+                // bad reply: invalid hash/key sizes
+                {
+                    // reply with undersized ledgerhash (31 bytes)
+                    auto bad = std::make_shared<protocol::TMProofPathResponse>(*reply);
+                    bad->set_ledgerhash(std::string(31, '\x01'));
+                    BEAST_EXPECT(!server.msgHandler.processProofPathResponse(bad));
+                }
+                {
+                    // reply with oversized ledgerhash (33 bytes)
+                    auto bad = std::make_shared<protocol::TMProofPathResponse>(*reply);
+                    bad->set_ledgerhash(std::string(33, '\x01'));
+                    BEAST_EXPECT(!server.msgHandler.processProofPathResponse(bad));
+                }
+                {
+                    // reply with empty ledgerhash
+                    auto bad = std::make_shared<protocol::TMProofPathResponse>(*reply);
+                    bad->set_ledgerhash(std::string());
+                    BEAST_EXPECT(!server.msgHandler.processProofPathResponse(bad));
+                }
+                {
+                    // reply with undersized key (31 bytes)
+                    auto bad = std::make_shared<protocol::TMProofPathResponse>(*reply);
+                    bad->set_key(std::string(31, '\x01'));
+                    BEAST_EXPECT(!server.msgHandler.processProofPathResponse(bad));
+                }
+                {
+                    // reply with oversized key (33 bytes)
+                    auto bad = std::make_shared<protocol::TMProofPathResponse>(*reply);
+                    bad->set_key(std::string(33, '\x01'));
+                    BEAST_EXPECT(!server.msgHandler.processProofPathResponse(bad));
+                }
+                {
+                    // reply with empty key
+                    auto bad = std::make_shared<protocol::TMProofPathResponse>(*reply);
+                    bad->set_key(std::string());
+                    BEAST_EXPECT(!server.msgHandler.processProofPathResponse(bad));
+                }
+            }
+
             {
                 // bad reply
                 // bad header
@@ -988,6 +1028,28 @@ struct LedgerReplayer_test : public beast::unit_test::Suite
             BEAST_EXPECT(!reply->has_error());
             BEAST_EXPECT(server.msgHandler.processReplayDeltaResponse(reply));
 
+            {
+                // bad reply: invalid hash sizes
+                {
+                    // reply with undersized ledgerhash (31 bytes)
+                    auto bad = std::make_shared<protocol::TMReplayDeltaResponse>(*reply);
+                    bad->set_ledgerhash(std::string(31, '\x01'));
+                    BEAST_EXPECT(!server.msgHandler.processReplayDeltaResponse(bad));
+                }
+                {
+                    // reply with oversized ledgerhash (33 bytes)
+                    auto bad = std::make_shared<protocol::TMReplayDeltaResponse>(*reply);
+                    bad->set_ledgerhash(std::string(33, '\x01'));
+                    BEAST_EXPECT(!server.msgHandler.processReplayDeltaResponse(bad));
+                }
+                {
+                    // reply with empty ledgerhash
+                    auto bad = std::make_shared<protocol::TMReplayDeltaResponse>(*reply);
+                    bad->set_ledgerhash(std::string());
+                    BEAST_EXPECT(!server.msgHandler.processReplayDeltaResponse(bad));
+                }
+            }
+
             {
                 // bad reply
                 // bad header

src/test/basics/base_uint_test.cpp

@@ -117,6 +117,30 @@ struct base_uint_test : beast::unit_test::Suite
         }
     }
 
+    void
+    testFromRawSizeMismatch()
+    {
+        testcase("base_uint: fromRaw size mismatch");
+
+        // Container smaller than the base_uint (8 bytes vs 12 bytes for
+        // test96). Only the first 8 bytes are copied; the remaining 4 bytes
+        // stay zero.
+        {
+            Blob const tooSmall{1, 2, 3, 4, 5, 6, 7, 8};
+            test96 const result = test96::fromRaw(tooSmall);
+            BEAST_EXPECT(to_string(result) == "010203040506070800000000");
+        }
+
+        // Container larger than the base_uint (16 bytes vs 12 bytes for
+        // test96). Only the first 12 bytes are copied; the extra bytes are
+        // ignored.
+        {
+            Blob const tooBig{1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16};
+            test96 const result = test96::fromRaw(tooBig);
+            BEAST_EXPECT(to_string(result) == "0102030405060708090A0B0C");
+        }
+    }
+
     void
     run() override
     {
@@ -125,6 +149,10 @@ struct base_uint_test : beast::unit_test::Suite
         static_assert(!std::is_constructible_v<test96, std::complex<double>>);
         static_assert(!std::is_assignable_v<test96&, std::complex<double>>);
 
+#ifdef NDEBUG
+        testFromRawSizeMismatch();
+#endif
+
         testComparisons();
 
         // used to verify set insertion (hashing required)

src/test/protocol/Issue_test.cpp

@@ -1,10 +1,12 @@
 #include <xrpl/basics/UnorderedContainers.h>
 #include <xrpl/basics/base_uint.h>
 #include <xrpl/beast/unit_test/suite.h>
+#include <xrpl/json/json_value.h>
 #include <xrpl/protocol/AccountID.h>
 #include <xrpl/protocol/Book.h>
 #include <xrpl/protocol/Issue.h>
 #include <xrpl/protocol/UintTypes.h>
+#include <xrpl/protocol/jss.h>
 
 #include <functional>
 #include <map>
@@ -863,6 +865,101 @@ public:
 
     //--------------------------------------------------------------------------
 
+    void
+    testIssueFromJson()
+    {
+        testcase("issueFromJson");
+
+        // Valid XRP — no issuer field
+        {
+            json::Value jv;
+            jv[jss::currency] = "XRP";
+            auto const issue = issueFromJson(jv);
+            BEAST_EXPECT(isXRP(issue));
+        }
+
+        // Valid IOU — legitimate issuer
+        {
+            json::Value jv;
+            jv[jss::currency] = "USD";
+            jv[jss::issuer] = "rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh";
+            auto const issue = issueFromJson(jv);
+            BEAST_EXPECT(!isXRP(issue));
+            BEAST_EXPECT(issue.account != noAccount());
+        }
+
+        // noAccount() is the MPT sentinel in binary serialization - must be
+        // rejected
+        try
+        {
+            json::Value jv;
+            jv[jss::currency] = "USD";
+            jv[jss::issuer] = to_string(noAccount());
+            issueFromJson(jv);
+            fail("noAccount() accepted as IOU issuer");
+        }
+        catch (...)
+        {
+            pass();
+        }
+
+        // xrpAccount() is the XRP sentinel (all zeros) - must be rejected
+        // as IOU issuer
+        try
+        {
+            json::Value jv;
+            jv[jss::currency] = "USD";
+            jv[jss::issuer] = to_string(xrpAccount());
+            issueFromJson(jv);
+            fail("xrpAccount() accepted as IOU issuer");
+        }
+        catch (...)
+        {
+            pass();
+        }
+
+        // Invalid base58 — must be rejected
+        try
+        {
+            json::Value jv;
+            jv[jss::currency] = "USD";
+            jv[jss::issuer] = "not_a_valid_address";
+            issueFromJson(jv);
+            fail("invalid base58 accepted as IOU issuer");
+        }
+        catch (...)
+        {
+            pass();
+        }
+
+        // Non-XRP currency with no issuer field — must be rejected
+        try
+        {
+            json::Value jv;
+            jv[jss::currency] = "USD";
+            issueFromJson(jv);
+            fail("missing issuer accepted");
+        }
+        catch (...)
+        {
+            pass();
+        }
+
+        // XRP with an issuer field — must be rejected
+        try
+        {
+            json::Value jv;
+            jv[jss::currency] = "XRP";
+            jv[jss::issuer] = "rHb9CJAWyB4rj91VRWn96DkukG4bwdtyTh";
+            issueFromJson(jv);
+            fail("XRP with issuer accepted");
+        }
+        catch (...)
+        {
+            pass();
+        }
+    }
+
     void
     run() override
     {
@@ -897,6 +994,9 @@ public:
         // ---
         testIssueDomainSets();
         testIssueDomainMaps();
+
+        // ---
+        testIssueFromJson();
     }
 };
 

src/test/protocol/STIssue_test.cpp

@@ -1,15 +1,24 @@
 
 #include <test/jtx/Account.h>
+#include <test/jtx/Env.h>
 #include <test/jtx/amount.h>  // IWYU pragma: keep
+#include <test/jtx/envconfig.h>
+
+#include <xrpld/core/Config.h>
 
 #include <xrpl/basics/base_uint.h>
 #include <xrpl/beast/unit_test/suite.h>
+#include <xrpl/json/json_value.h>
+#include <xrpl/json/to_string.h>
 #include <xrpl/protocol/AccountID.h>
 #include <xrpl/protocol/Issue.h>
 #include <xrpl/protocol/SField.h>
 #include <xrpl/protocol/STIssue.h>
 #include <xrpl/protocol/Serializer.h>
 #include <xrpl/protocol/UintTypes.h>
+#include <xrpl/protocol/jss.h>
+
+#include <memory>
 
 namespace xrpl::test {
 
@@ -137,12 +146,143 @@ public:
             "000000000000000000000000000000000000000000000002");
     }
 
+    void
+    testNoAccountIssuerRpc()
+    {
+        testcase("noAccount issuer rejected via RPC sign");
+
+        using namespace jtx;
+        Env env{*this, envconfig([](std::unique_ptr<Config> cfg) {
+                    cfg->loadFromString("[signing_support]\ntrue");
+                    return cfg;
+                })};
+
+        Account const alice{"alice"};
+        env.fund(XRP(10000), alice);
+        env.close();
+
+        json::Value txJson;
+        txJson[jss::TransactionType] = "AMMDelete";
+        txJson[jss::Account] = alice.human();
+        txJson[jss::Asset][jss::currency] = "USD";
+        txJson[jss::Asset][jss::issuer] = to_string(noAccount());
+        txJson[jss::Asset2][jss::currency] = "XRP";
+
+        json::Value req;
+        req[jss::tx_json] = txJson;
+        req[jss::secret] = alice.name();
+
+        auto const result = env.rpc("json", "sign", to_string(req))[jss::result];
+
+        BEAST_EXPECT(result[jss::status] == "error");
+        BEAST_EXPECT(result.isMember(jss::error));
+    }
+
+    void
+    testNoAccountIssuer()
+    {
+        testcase("noAccount issuer rejection");
+
+        {
+            json::Value jv;
+            jv[jss::currency] = "USD";
+            jv[jss::issuer] = to_string(noAccount());
+
+            try
+            {
+                issueFromJson(sfAsset, jv);
+                fail("issueFromJson accepted noAccount() as IOU issuer");
+            }
+            catch (...)
+            {
+                pass();
+            }
+        }
+
+        {
+            Serializer s;
+            s.addBitString(toCurrency("USD"));
+            s.addBitString(noAccount());
+            SerialIter iter(s.slice());
+
+            try
+            {
+                STIssue const stissue(iter, sfAsset);
+                fail(
+                    "STIssue deserialization of [USD][noAccount()] should "
+                    "throw");
+            }
+            catch (...)
+            {
+                pass();
+            }
+        }
+    }
+
+    void
+    testXrpAccountIssuerRpc()
+    {
+        testcase("xrpAccount issuer rejected via RPC sign");
+
+        using namespace jtx;
+        Env env{*this, envconfig([](std::unique_ptr<Config> cfg) {
+                    cfg->loadFromString("[signing_support]\ntrue");
+                    return cfg;
+                })};
+
+        Account const alice{"alice"};
+        env.fund(XRP(10000), alice);
+        env.close();
+
+        json::Value txJson;
+        txJson[jss::TransactionType] = "AMMDelete";
+        txJson[jss::Account] = alice.human();
+        txJson[jss::Asset][jss::currency] = "USD";
+        txJson[jss::Asset][jss::issuer] = to_string(xrpAccount());
+        txJson[jss::Asset2][jss::currency] = "XRP";
+
+        json::Value req;
+        req[jss::tx_json] = txJson;
+        req[jss::secret] = alice.name();
+
+        auto const result = env.rpc("json", "sign", to_string(req))[jss::result];
+
+        BEAST_EXPECT(result[jss::status] == "error");
+        BEAST_EXPECT(result.isMember(jss::error));
+    }
+
+    void
+    testXrpAccountIssuer()
+    {
+        testcase("xrpAccount issuer rejection");
+
+        {
+            json::Value jv;
+            jv[jss::currency] = "USD";
+            jv[jss::issuer] = to_string(xrpAccount());
+
+            try
+            {
+                issueFromJson(sfAsset, jv);
+                fail("issueFromJson accepted xrpAccount() as IOU issuer");
+            }
+            catch (...)
+            {
+                pass();
+            }
+        }
+    }
+
     void
     run() override
     {
         // compliments other unit tests to ensure complete coverage
         testConstructor();
         testCompare();
+        testNoAccountIssuerRpc();
+        testNoAccountIssuer();
+        testXrpAccountIssuerRpc();
+        testXrpAccountIssuer();
     }
 };
 

src/test/rpc/AccountObjects_test.cpp

@@ -23,6 +23,7 @@
 #include <xrpl/protocol/AccountID.h>
 #include <xrpl/protocol/Feature.h>
 #include <xrpl/protocol/SField.h>
+#include <xrpl/protocol/Seed.h>
 #include <xrpl/protocol/TxFlags.h>
 #include <xrpl/protocol/jss.h>
 #include <xrpl/protocol/nft.h>
@@ -32,6 +33,7 @@
 #include <cstdint>
 #include <iterator>
 #include <optional>
+#include <ranges>
 #include <vector>
 
 namespace xrpl::test {
@@ -1350,6 +1352,86 @@ public:
         }
     }
 
+    void
+    testAccountObjectDoesntShowCancelledOffers()
+    {
+        testcase("AccountObjectDoesntShowCancelledOffers");
+
+        using namespace jtx;
+        Env env(*this);
+
+        Account const alice{"alice"};
+        Account const bob{"bob"};
+        auto const eur = bob["EUR"];
+        env.fund(XRP(10000), alice, bob);
+        env.close();
+
+        auto const rpcAccountObjects = [&](std::optional<uint32_t> limit = std::nullopt) {
+            json::Value params;
+            params[jss::account] = alice.human();
+            if (limit.has_value())
+            {
+                params[jss::limit] = *limit;
+            }
+            return env.rpc("json", "account_objects", to_string(params));
+        };
+
+        auto const numEntries = 33;
+        std::vector<uint32_t> seqs;
+        seqs.reserve(numEntries);
+        for ([[maybe_unused]] auto _ : std::ranges::iota_view{0, numEntries})
+        {
+            json::Value params;
+            params[jss::secret] = toBase58(generateSeed("alice"));
+            params[jss::tx_json] = offer(alice, eur(1), XRP(2));
+            auto const res = env.rpc("json", "submit", to_string(params))[jss::result];
+            BEAST_EXPECT(res[jss::status].asString() == "success");
+            seqs.push_back(env.seq(alice));
+        }
+
+        auto res = rpcAccountObjects();
+        BEAST_EXPECT(res[jss::result][jss::account_objects].size() == numEntries);
+        BEAST_EXPECT(not res[jss::result].isMember(jss::limit));
+        BEAST_EXPECT(not res[jss::result].isMember(jss::marker));
+
+        for (auto const s : std::views::all(seqs) | std::views::take(numEntries - 1))
+        {
+            json::Value params;
+            params[jss::secret] = toBase58(generateSeed("alice"));
+            params[jss::tx_json] = offerCancel(alice, s - 1);
+            auto const res = env.rpc("json", "submit", to_string(params))[jss::result];
+            BEAST_EXPECT(res[jss::status].asString() == "success");
+        }
+
+        res = rpcAccountObjects();
+        BEAST_EXPECT(res[jss::result][jss::account_objects].size() == 1);
+        BEAST_EXPECT(not res[jss::result].isMember(jss::limit));
+        BEAST_EXPECT(not res[jss::result].isMember(jss::marker));
+
+        {
+            json::Value params;
+            params[jss::secret] = toBase58(generateSeed("alice"));
+            json::Value txJson;
+            txJson[jss::TransactionType] = jss::NFTokenMint;
+            txJson[jss::Account] = to_string(alice.id());
+            txJson["NFTokenTaxon"] = 1;
+            params[jss::tx_json] = txJson;
+            auto const res = env.rpc("json", "submit", to_string(params))[jss::result];
+            BEAST_EXPECT(res[jss::status].asString() == "success");
+        }
+        env.close();
+
+        res = rpcAccountObjects();
+        BEAST_EXPECT(res[jss::result][jss::account_objects].size() == 2);
+        BEAST_EXPECT(not res[jss::result].isMember(jss::limit));
+        BEAST_EXPECT(not res[jss::result].isMember(jss::marker));
+
+        res = rpcAccountObjects(1);
+        BEAST_EXPECT(res[jss::result][jss::account_objects].size() == 1);
+        BEAST_EXPECT(res[jss::result][jss::limit].asUInt() == 1);
+        BEAST_EXPECT(res[jss::result].isMember(jss::marker));
+    }
+
     void
     run() override
     {
@@ -1360,6 +1442,7 @@ public:
         testNFTsMarker();
         testAccountNFTs();
         testAccountObjectMarker();
+        testAccountObjectDoesntShowCancelledOffers();
     }
 };
 

src/test/rpc/Transaction_test.cpp

@@ -2,6 +2,7 @@
 #include <test/jtx/Env.h>
 #include <test/jtx/amount.h>
 #include <test/jtx/envconfig.h>
+#include <test/jtx/multisign.h>
 #include <test/jtx/noop.h>
 #include <test/jtx/pay.h>
 #include <test/jtx/seq.h>
@@ -881,6 +882,125 @@ class Transaction_test : public beast::unit_test::Suite
         }
     }
 
+    void
+    testSignForNetworkIDValidation()
+    {
+        testcase("SignFor NetworkID validation");
+        using namespace test::jtx;
+
+        Account const owner{"owner"};
+        Account const signer{"signer"};
+
+        auto makeConfig = [](std::uint32_t networkID) {
+            return envconfig([networkID](std::unique_ptr<Config> cfg) {
+                cfg->networkId = networkID;
+                return cfg;
+            });
+        };
+
+        auto setupEnv = [&](Env& env) {
+            env.fund(XRP(10'000), owner, signer);
+            env.close();
+            env(signers(owner, 1, {{signer, 1}}));
+            env.close();
+        };
+
+        auto makeTx = [&](Env& env) {
+            json::Value tx;
+            tx[jss::TransactionType] = jss::AccountSet;
+            tx[jss::Account] = owner.human();
+            tx[jss::Sequence] = env.seq(owner);
+            tx[jss::Fee] = "100";
+            tx[jss::SigningPubKey] = "";
+            return tx;
+        };
+
+        auto signFor = [&](Env& env, json::Value const& tx) {
+            json::Value signReq;
+            signReq[jss::tx_json] = tx;
+            signReq[jss::account] = signer.human();
+            signReq[jss::secret] = signer.name();
+            return env.rpc("json", "sign_for", to_string(signReq))[jss::result];
+        };
+
+        // Test case: NetworkID < 1024 - field is not required
+        {
+            Env env{*this, makeConfig(500)};
+            setupEnv(env);
+
+            auto tx = makeTx(env);
+            auto result = signFor(env, tx);
+
+            BEAST_EXPECT(result[jss::status] == "success");
+            BEAST_EXPECT(!result[jss::tx_json].isMember(jss::NetworkID));
+        }
+
+        // Test case: NetworkID > 1024 - missing NetworkID field
+        {
+            Env env{*this, makeConfig(2040)};
+            setupEnv(env);
+
+            auto tx = makeTx(env);
+            auto result = signFor(env, tx);
+
+            BEAST_EXPECT(result[jss::error] == "invalidParams");
+            BEAST_EXPECT(result[jss::error_message] == "Missing field 'tx_json.NetworkID'.");
+        }
+
+        // Test case: NetworkID > 1024 - NetworkID field is not a number
+        {
+            Env env{*this, makeConfig(2040)};
+            setupEnv(env);
+
+            auto tx = makeTx(env);
+            tx[jss::NetworkID] = "not_a_number";
+            auto result = signFor(env, tx);
+
+            BEAST_EXPECT(result[jss::error] == "invalidParams");
+            BEAST_EXPECT(result[jss::error_message] == "Invalid field 'tx_json.NetworkID'.");
+        }
+
+        // Test case: NetworkID > 1024 - NetworkID field is not integral
+        {
+            Env env{*this, makeConfig(2040)};
+            setupEnv(env);
+
+            auto tx = makeTx(env);
+            tx[jss::NetworkID] = 2040.1;
+            auto result = signFor(env, tx);
+
+            BEAST_EXPECT(result[jss::error] == "invalidParams");
+            BEAST_EXPECT(result[jss::error_message] == "Invalid field 'tx_json.NetworkID'.");
+        }
+
+        // Test case: NetworkID > 1024 - NetworkID field is different from
+        // actual NetworkID
+        {
+            Env env{*this, makeConfig(2040)};
+            setupEnv(env);
+
+            auto tx = makeTx(env);
+            tx[jss::NetworkID] = 9999;
+            auto result = signFor(env, tx);
+
+            BEAST_EXPECT(result[jss::error] == "invalidParams");
+            BEAST_EXPECT(result[jss::error_message] == "Invalid field 'tx_json.NetworkID'.");
+        }
+
+        // Test case: NetworkID > 1024 - NetworkID field is correct
+        {
+            Env env{*this, makeConfig(2040)};
+            setupEnv(env);
+
+            auto tx = makeTx(env);
+            tx[jss::NetworkID] = 2040;
+            auto result = signFor(env, tx);
+
+            BEAST_EXPECT(result[jss::status] == "success");
+            BEAST_EXPECT(result[jss::tx_json][jss::NetworkID].asUInt() == 2040);
+        }
+    }
+
 public:
     void
     run() override
@@ -890,6 +1010,8 @@ public:
 
         FeatureBitset const all{testableAmendments()};
         testWithFeats(all);
+
+        testSignForNetworkIDValidation();
     }
 
     void