chandlerswift/nau-sidewalks
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Add bounds checking on user-supplied input

Browse source
This commit is contained in:
Chandler Swift 2025-02-12 23:13:06 -06:00
parent 3b523f7742
commit 4068146c44
Signed by: chandlerswift
GPG key ID: A851D929D52FB93F
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
main.go
View file

@ -46,7 +46,7 @@ func main() {
if err := json.Unmarshal(sidewalk_data, &sidewalks); err != nil { if err := json.Unmarshal(sidewalk_data, &sidewalks); err != nil {
log.Fatalf("Error decoding JSON: %v", err) log.Fatalf("Error decoding JSON: %v", err)
} }
sidewalksLen := len(sidewalks)
for i := range sidewalks { for i := range sidewalks {
sidewalks[i].Condition = sidewalk.Condition(rand.IntN(4)) sidewalks[i].Condition = sidewalk.Condition(rand.IntN(4))
} }
@ -71,7 +71,7 @@ func main() {
return return
} }
sidewalkID, err := strconv.Atoi(r.PathValue("id")) sidewalkID, err := strconv.Atoi(r.PathValue("id"))
if err != nil { if err != nil || sidewalkID < 0 || sidewalkID >= sidewalksLen {
http.Error(w, "Invalid id", http.StatusBadRequest) http.Error(w, "Invalid id", http.StatusBadRequest)
return return
} }
@ -87,7 +87,7 @@ func main() {
http.Redirect(w, r, "/", http.StatusSeeOther) http.Redirect(w, r, "/", http.StatusSeeOther)
}) })
fmt.Printf("Serving on :%v\n", *port) fmt.Printf("Serving %v sidewalks on :%v\n", &sidewalksLen, *port)
panic(http.ListenAndServe(fmt.Sprintf(":%v", *port), nil)) panic(http.ListenAndServe(fmt.Sprintf(":%v", *port), nil))
} }