trustedcoin: validate numeric format of OTP user entry (fixes #8905)

2 years ago · da1727b2f7
2 changed files with 7 additions and 1 deletions
--- a/electrum/plugins/trustedcoin/qml/ShowConfirmOTP.qml
+++ b/electrum/plugins/trustedcoin/qml/ShowConfirmOTP.qml
@ -72,6 +72,7 @@ WizardComponent {
            Layout.alignment: Qt.AlignHCenter
            focus: true
            inputMethodHints: Qt.ImhSensitiveData | Qt.ImhDigitsOnly
+            validator: IntValidator {bottom: 0; top: 999999;}
            font.family: FixedFont
            font.pixelSize: constants.fontSizeLarge
            onTextChanged: {
--- a/electrum/plugins/trustedcoin/qt.py
+++ b/electrum/plugins/trustedcoin/qt.py
@ -527,9 +527,14 @@ class WCShowConfirmOTP(WizardComponent):
    def on_otp_edited(self):
        self.otp_status_l.setVisible(False)
        text = self.otp_e.text()
+        if len(text) > 0:
+            try:
+                otp_int = int(text)
+            except ValueError:
+                return
        if len(text) == 6:
            # verify otp
-            self.wizard.trustedcoin_qhelper.checkOtp(self.wizard.trustedcoin_qhelper.shortId, int(text))
+            self.wizard.trustedcoin_qhelper.checkOtp(self.wizard.trustedcoin_qhelper.shortId, otp_int)
            self.setEnabled(False)
            self.spinner_l.setVisible(True)
            self.spinner.start()