Skip to content

Commit

Permalink
Merge pull request onflow#6567 from AndriiDiachuk/improve-bounds-chec…
Browse files Browse the repository at this point in the history
…king-in-converter

[Access] Improve bounds checking in rest converters
  • Loading branch information
peterargue authored Nov 1, 2024
2 parents 0fba2ae + 240baac commit 681dd9a
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 0 deletions.
1 change: 1 addition & 0 deletions engine/access/rest/routes/transactions_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -403,6 +403,7 @@ func TestCreateTransaction(t *testing.T) {
{"reference_block_id", "-1", `{"code":400, "message":"invalid reference block ID: invalid ID format"}`},
{"reference_block_id", "", `{"code":400, "message":"reference block not provided"}`},
{"gas_limit", "-1", `{"code":400, "message":"invalid gas limit: value must be an unsigned 64 bit integer"}`},
{"gas_limit", "18446744073709551616", `{"code":400, "message":"invalid gas limit: value overflows uint64 range"}`},
{"payer", "yo", `{"code":400, "message":"invalid payer: invalid address"}`},
{"proposal_key", "yo", `{"code":400, "message":"request body contains an invalid value for the \"proposal_key\" field (at position 461)"}`},
{"authorizers", "", `{"code":400, "message":"request body contains an invalid value for the \"authorizers\" field (at position 32)"}`},
Expand Down
7 changes: 7 additions & 0 deletions engine/access/rest/util/converter.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ package util

import (
"encoding/base64"
"errors"
"fmt"
"strconv"
)
Expand All @@ -15,6 +16,9 @@ func FromUint[U uint | uint64 | uint32](number U) string {
func ToUint64(uint64Str string) (uint64, error) {
val, err := strconv.ParseUint(uint64Str, 10, 64)
if err != nil {
if errors.Is(err, strconv.ErrRange) {
return 0, fmt.Errorf("value overflows uint64 range")
}
return 0, fmt.Errorf("value must be an unsigned 64 bit integer") // hide error from user
}
return val, nil
Expand All @@ -24,6 +28,9 @@ func ToUint64(uint64Str string) (uint64, error) {
func ToUint32(uint32Str string) (uint32, error) {
val, err := strconv.ParseUint(uint32Str, 10, 32)
if err != nil {
if errors.Is(err, strconv.ErrRange) {
return 0, fmt.Errorf("value overflows uint32 range")
}
return 0, fmt.Errorf("value must be an unsigned 32 bit integer") // hide error from user
}
return uint32(val), nil
Expand Down

0 comments on commit 681dd9a

Please sign in to comment.