From 52199f1c79b340f272b48b46ce19fc1622c3faea Mon Sep 17 00:00:00 2001
From: cryptozoidberg <crypto.zoidberg@gmail.com>
Date: Thu, 3 Dec 2020 21:15:36 +0100
Subject: [PATCH] fixed seed info validation

---
 src/common/mnemonic-encoding.cpp             | 6 ++++++
 src/common/mnemonic-encoding.h               | 1 +
 src/currency_core/account.cpp                | 7 +++++++
 src/gui/qt-daemon/application/mainwindow.cpp | 1 +
 4 files changed, 15 insertions(+)

diff --git a/src/common/mnemonic-encoding.cpp b/src/common/mnemonic-encoding.cpp
index b5a22c24..c2e3e307 100644
--- a/src/common/mnemonic-encoding.cpp
+++ b/src/common/mnemonic-encoding.cpp
@@ -3379,6 +3379,12 @@ namespace tools
       return wordsArray[n];
     }
 
+    bool valid_word(const std::string& w)
+    {
+      auto it = wordsMap.find(w);
+      return it != wordsMap.end();
+    }
+
     uint64_t num_by_word(const std::string& w)
     {
       auto it = wordsMap.find(w);
diff --git a/src/common/mnemonic-encoding.h b/src/common/mnemonic-encoding.h
index 2e92ffa4..4ce6b9bb 100644
--- a/src/common/mnemonic-encoding.h
+++ b/src/common/mnemonic-encoding.h
@@ -46,5 +46,6 @@ namespace tools
 		std::string binary2text(const std::vector<unsigned char>& binary);
     std::string word_by_num(uint32_t n);
     uint64_t num_by_word(const std::string& w);
+    bool valid_word(const std::string& w);
 	}
 }
diff --git a/src/currency_core/account.cpp b/src/currency_core/account.cpp
index ff8460ab..af50caa6 100644
--- a/src/currency_core/account.cpp
+++ b/src/currency_core/account.cpp
@@ -232,6 +232,13 @@ namespace currency
     std::list<std::string> words;
     boost::split(words, seed_phrase, boost::is_space());
 
+    //let's validate each word 
+    for (const auto& w: words)
+    {
+      if (!tools::mnemonic_encoding::valid_word(words))
+        return false;
+    }
+
     std::string timestamp_word;
     if (words.size() == SEED_PHRASE_V1_WORDS_COUNT)
     {
diff --git a/src/gui/qt-daemon/application/mainwindow.cpp b/src/gui/qt-daemon/application/mainwindow.cpp
index 2d8856a7..d8ffd569 100644
--- a/src/gui/qt-daemon/application/mainwindow.cpp
+++ b/src/gui/qt-daemon/application/mainwindow.cpp
@@ -1989,6 +1989,7 @@ QString MainWindow::get_seed_phrase_info(const QString& param)
   PREPARE_ARG_FROM_JSON(view::seed_info_param, rwtp);
   PREPARE_RESPONSE(view::seed_phrase_info, ar);
   ar.error_code = m_backend.get_seed_phrase_info(rwtp.seed_phrase, rwtp.seed_password, ar.response_data).c_str();
+  LOG_PRINT_CYAN("[get_seed_phrase_info]:" << epee::serialization::store_t_to_json(ar), LOG_LEVEL_0);
   return MAKE_RESPONSE(ar);
   CATCH_ENTRY_FAIL_API_RESPONCE();
 }