forked from TrueCloudLab/neoneo-go
rpc/server: limit the maximum number of elements for get*transfers
This commit is contained in:
parent
970de84130
commit
6b7ca0ce3f
2 changed files with 13 additions and 0 deletions
|
@ -77,6 +77,9 @@ const (
|
||||||
// treated like subscriber, so technically it's a limit on websocket
|
// treated like subscriber, so technically it's a limit on websocket
|
||||||
// connections.
|
// connections.
|
||||||
maxSubscribers = 64
|
maxSubscribers = 64
|
||||||
|
|
||||||
|
// Maximum number of elements for get*transfers requests.
|
||||||
|
maxTransfersLimit = 1000
|
||||||
)
|
)
|
||||||
|
|
||||||
var rpcHandlers = map[string]func(*Server, request.Params) (interface{}, *response.Error){
|
var rpcHandlers = map[string]func(*Server, request.Params) (interface{}, *response.Error){
|
||||||
|
@ -548,6 +551,8 @@ func (s *Server) getNEP5Balances(ps request.Params) (interface{}, *response.Erro
|
||||||
func getTimestampsAndLimit(ps request.Params, index int) (uint64, uint64, int, int, error) {
|
func getTimestampsAndLimit(ps request.Params, index int) (uint64, uint64, int, int, error) {
|
||||||
var start, end uint64
|
var start, end uint64
|
||||||
var limit, page int
|
var limit, page int
|
||||||
|
|
||||||
|
limit = maxTransfersLimit
|
||||||
pStart, pEnd, pLimit, pPage := ps.Value(index), ps.Value(index+1), ps.Value(index+2), ps.Value(index+3)
|
pStart, pEnd, pLimit, pPage := ps.Value(index), ps.Value(index+1), ps.Value(index+2), ps.Value(index+3)
|
||||||
if pPage != nil {
|
if pPage != nil {
|
||||||
p, err := pPage.GetInt()
|
p, err := pPage.GetInt()
|
||||||
|
@ -567,6 +572,9 @@ func getTimestampsAndLimit(ps request.Params, index int) (uint64, uint64, int, i
|
||||||
if l <= 0 {
|
if l <= 0 {
|
||||||
return 0, 0, 0, 0, errors.New("can't use negative or zero limit")
|
return 0, 0, 0, 0, errors.New("can't use negative or zero limit")
|
||||||
}
|
}
|
||||||
|
if l > maxTransfersLimit {
|
||||||
|
return 0, 0, 0, 0, errors.New("too big limit requested")
|
||||||
|
}
|
||||||
limit = l
|
limit = l
|
||||||
}
|
}
|
||||||
if pEnd != nil {
|
if pEnd != nil {
|
||||||
|
|
|
@ -175,6 +175,11 @@ var rpcTestCases = map[string][]rpcTestCase{
|
||||||
params: `["` + testchain.PrivateKeyByID(0).Address() + `", "1", "2", "bleh"]`,
|
params: `["` + testchain.PrivateKeyByID(0).Address() + `", "1", "2", "bleh"]`,
|
||||||
fail: true,
|
fail: true,
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
name: "invalid limit 3",
|
||||||
|
params: `["` + testchain.PrivateKeyByID(0).Address() + `", "1", "2", "100500"]`,
|
||||||
|
fail: true,
|
||||||
|
},
|
||||||
{
|
{
|
||||||
name: "invalid page",
|
name: "invalid page",
|
||||||
params: `["` + testchain.PrivateKeyByID(0).Address() + `", "1", "2", "3", "-1"]`,
|
params: `["` + testchain.PrivateKeyByID(0).Address() + `", "1", "2", "3", "-1"]`,
|
||||||
|
|
Loading…
Reference in a new issue