Double check the input

author: kaotisk <kaotisk@arching-kaos.org> 2023-09-01 09:23:14 +0300
committer: kaotisk <kaotisk@arching-kaos.org> 2023-09-01 09:23:14 +0300
commit: bfc8039a974bec3dd382ec8c64cc93dfd002a498 (patch)
tree: 7f8c0b11f2186d574cd4c79dec9047102e628778 /api
parent: 0a55c353d61c1f3fa624a1d0c68c419868266095 (diff)
download: arching-kaos-tools-bfc8039a974bec3dd382ec8c64cc93dfd002a498.tar.gz
arching-kaos-tools-bfc8039a974bec3dd382ec8c64cc93dfd002a498.tar.bz2
arching-kaos-tools-bfc8039a974bec3dd382ec8c64cc93dfd002a498.zip
1 files changed, 31 insertions, 25 deletions
diff --git a/api/routes/getZblock/index.js b/api/routes/getZblock/index.js
index 878c240..c975594 100644
--- a/api/routes/getZblock/index.js
+++ b/api/routes/getZblock/index.js
@@ -11,38 +11,44 @@ const config = require("../../config");
  *
  */
 function fetchZblock(zblock, res){
-    const command = spawn("ak-zblock-cache",[zblock]);
-    command.stdout.on("data", data => {
-    });
+    regex= /Qm[A-Za-z0-9]{44}/;
+    if (regex.test(req.params.zblock)){
+        const command = spawn("ak-zblock-cache",[zblock]);
+        command.stdout.on("data", data => {
+        });
 
-    command.stderr.on("data", data => {
-            console.log(`stderr: ${data}`);
-    });
+        command.stderr.on("data", data => {
+                console.log(`stderr: ${data}`);
+        });
 
-    command.on('error', (error) => {
-            console.log(`error: ${error.message}`);
-    });
+        command.on('error', (error) => {
+                console.log(`error: ${error.message}`);
+        });
 
-    command.on("close", code => {
-        console.log(`child process exited with code ${code}`);
+        command.on("close", code => {
+            console.warn(`child process exited with code ${code}`);
 
-        if ( code === 0 ) {
-            const path = config.cacheDir+"/fzblocks/"+zblock;
-            console.log(path)
-            try {
-                if(fs.existsSync(path)){
-                    res.send(JSON.parse(fs.readFileSync(path)));
+            if ( code === 0 ) {
+                const path = config.cacheDir+"/fzblocks/"+zblock;
+                console.log(path)
+                try {
+                    if(fs.existsSync(path)){
+                        res.send(JSON.parse(fs.readFileSync(path)));
+                    }
+                } catch (error) {
+                    res.send({"error":error.message});
                 }
-            } catch (error) {
-                res.send({"error":error.message});
+            } else if ( code === 2){
+                res.send({"error":"The roof is on fire"});
+            } else {
+                res.send({"error":"invalid or unreachable"});
             }
-        } else if ( code === 2){
-            res.send({"error":"The roof is on fire"});
-        } else {
-            res.send({"error":"invalid or unreachable"});
-        }
-    });
+        });
+    } else {
+        res.send({error:"Invalid data: regexp failed to pass"});
+    }
 };
+
 module.exports = (req, res) => {
     console.log(req.params)
     if ( (req.params.zblock) && req.params.zblock.length === 46 ){
author	kaotisk <kaotisk@arching-kaos.org>	2023-09-01 09:23:14 +0300
committer	kaotisk <kaotisk@arching-kaos.org>	2023-09-01 09:23:14 +0300
commit	bfc8039a974bec3dd382ec8c64cc93dfd002a498 (patch)
tree	7f8c0b11f2186d574cd4c79dec9047102e628778 /api
parent	0a55c353d61c1f3fa624a1d0c68c419868266095 (diff)
download	arching-kaos-tools-bfc8039a974bec3dd382ec8c64cc93dfd002a498.tar.gz arching-kaos-tools-bfc8039a974bec3dd382ec8c64cc93dfd002a498.tar.bz2 arching-kaos-tools-bfc8039a974bec3dd382ec8c64cc93dfd002a498.zip