expand/CCash
1
0
Fork 0
mirror of https://github.com/Expand-sys/CCash synced 2026-03-22 12:37:08 +11:00
Code Issues Projects Releases Packages Wiki Activity Actions

requests that accept 2^32 reject arguments larger than 2^32

Browse source
This commit is contained in:
EntireTwix 2022-11-21 22:20:59 -08:00
parent a8b7defb36
commit 1b2c763f0b
1 changed files with 4 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
src/bank_api.cpp
View file

@ -52,7 +52,7 @@ void api::SendFunds(req_args)
{
std::string_view name;
uint64_t amount; // as simdjson lacks .get(uint32_t support)
if (doc["name"].get(name) || doc["amount"].get(amount))
if (doc["name"].get(name) || doc["amount"].get(amount) || (amount > std::numeric_limits<uint32_t>::max()))
{
res = BankResponse{k400BadRequest, "\"Missing/Invalid JSON arg(s)\""};
}
@ -135,7 +135,7 @@ void api::SetBal(req_args)
{
std::string_view name;
uint64_t amount;
if (doc["name"].get(name) || doc["amount"].get(amount))
if (doc["name"].get(name) || doc["amount"].get(amount) || (amount > std::numeric_limits<uint32_t>::max()))
{
res = BankResponse{k400BadRequest, "\"Missing/Invalid JSON arg(s)\""};
}
@ -231,7 +231,7 @@ void api::PruneUsers(req_args)
#if MAX_LOG_SIZE > 0
int64_t time;
uint64_t amount;
if (doc["time"].get(time) || doc["amount"].get(amount))
if (doc["time"].get(time) || doc["amount"].get(amount) || (amount > std::numeric_limits<uint32_t>::max()))
{
res = BankResponse{k400BadRequest, "\"Missing/Invalid JSON arg(s)\""};
}
@ -241,7 +241,7 @@ void api::PruneUsers(req_args)
}
#else
uint64_t amount
if (doc["amount"].get(amount))
if (doc["amount"].get(amount) || (amount > std::numeric_limits<uint32_t>::max()))
{
res = BankResponse{k400BadRequest, "\"Missing/Invalid JSON arg(s)\""};
}