Validate max_hits before parsing as integer.

This commit is contained in:
kishorenc 2020-05-21 21:25:15 +05:30
parent f1d0f279c7
commit 6b754ec37b

View File

@ -347,6 +347,11 @@ bool get_search(http_req & req, http_res & res) {
return false;
}
if(!StringUtils::is_uint64_t(req.params[MAX_HITS])) {
res.set_400("Parameter `" + std::string(MAX_HITS) + "` must be an unsigned integer.");
return false;
}
std::string filter_str = req.params.count(FILTER) != 0 ? req.params[FILTER] : "";
std::vector<std::string> search_fields;