redundancy in RPC getblockstats method #15835

Description

I find there may be redundancy in RPC hash_or_height parameter of getblockstats method

it doesn't check the length of hash, and use const uint256 hash(uint256S(strHash)); to convert.

Behavior I expect

I expect bitcoin node will error when I add some messy prefix

<!--- What was the actual behavior (provide screenshots if the issue is GUI-related)? -->

<!--- How reliably can you reproduce the issue, what are the steps to do so? -->

reproduce

below i show the process

curl --user javv --data-binary '{"jsonrpc": "1.0", "id":"curltest", "method": "getblockstats", "params": ["  000000000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"] }' -H 'content-type: text/plain;' http://127.0.0.1:8332/ |jq

curl --user javv --data-binary '{"jsonrpc": "1.0", "id":"curltest", "method": "getblockstats", "params": ["  000000000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"] }' -H 'content-type: text/plain;' http://127.0.0.1:8332/ |jq
Enter host password for user 'javv':
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   699  100   548  100   151   122k  34672 --:--:-- --:--:-- --:--:--  178k
{
  "result": {
    "avgfee": 0,
    "avgfeerate": 0,
    "avgtxsize": 0,
    "blockhash": "000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f",
    "feerate_percentiles": [
      0,
      0,
      0,

as you can see, I add more 0 in my RPC request, and bitcoin node still responses me with normal hash, it's kind of strange.

I check the source code

// /rpc/blockchain.cpp [@getblockstats](/bitcoin-bitcoin/contributor/getblockstats/)
    } else {
        const std::string strHash = request.params[0].get_str();
        const uint256 hash(uint256S(strHash));
        pindex = LookupBlockIndex(hash);
        if (!pindex) {
            throw JSONRPCError(RPC_INVALID_ADDRESS_OR_KEY, "Block not found");
        }
        if (!chainActive.Contains(pindex)) {
            throw JSONRPCError(RPC_INVALID_PARAMETER, strprintf("Block is not in chain %s", Params().NetworkIDString()));
        }
    }

version of Bitcoin Core

0.17.1, I get it from the newest release

<!-- What type of machine are you observing the error on (OS/CPU and disk type)? -->

I use centos 7.2

<!-- For the GUI-related issue on Linux provide names and versions of a distro, a desktop environment and a graphical shell (if relevant). -->

<!-- Any extra information that might be useful in the debugging process. -->

<!--- This is normally the contents of a `debug.log` or `config.log` file. Raw text or a link to a pastebin type site are preferred. -->

curl --user javv --data-binary '{"jsonrpc": "1.0", "id":"curltest", "method": "preciousblock", "params": ["52113140000000018ac731cd6994e7079118b5c9b2633f0f5fa75bac18c64eac591478849b17fbd"] }' -H 'content-type: text/plain;' http://127.0.0.1:8332/|jq

it seems that method preciousblock has the same problem, i can add some arbitrary number before the real hash, here i add 52113140000 before 000018ac731cd6994e7079118b5c9b2633f0f5fa75bac18c64eac591478849b17fbd :)

This has been fixed in 0.18.0:

getblockstats '"000000000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f"'
hash_or_height must be of length 64 (not 70, for '000000000000000019d6689c085ae165831e934ff763ae46a2a6c172b3f1b60a8ce26f') (code -8)

preciousblock 52113140000000018ac731cd6994e7079118b5c9b2633f0f5fa75bac18c64eac591478849b17fbd
blockhash must be of length 64 (not 79, for '52113140000000018ac731cd6994e7079118b5c9b2633f0f5fa75bac18c64eac591478849b17fbd') (code -8)

I was curious what changed, but it looks like this was fixed by #13424