postgres/typesense
1
0
Fork 0
mirror of https://github.com/typesense/typesense.git synced 2025-05-20 13:42:26 +08:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Validate max_hits before parsing as integer.

Browse Source
This commit is contained in:
kishorenc 2020-05-21 21:25:15 +05:30
parent f1d0f279c7
commit 6b754ec37b
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/core_api.cpp
View File

@ -347,6 +347,11 @@ bool get_search(http_req & req, http_res & res) {
return false;
}
if(!StringUtils::is_uint64_t(req.params[MAX_HITS])) {
res.set_400("Parameter `" + std::string(MAX_HITS) + "` must be an unsigned integer.");
return false;
}
std::string filter_str = req.params.count(FILTER) != 0 ? req.params[FILTER] : "";
std::vector<std::string> search_fields;