Skip to content

Commit

Permalink
Validate the request
Browse files Browse the repository at this point in the history 
The patchset adds validation to the request before using it.

This can help protect from mal-formed request.

Change-Id: Ic6a7a65d6da289d84fe82c3f6e048e396b1f1a0e
Signed-off-by: Baohua Yang <yangbaohua@gmail.com>
Signed-off-by: Baohua Yang <baohua.yang@oracle.com>
  • Loading branch information
@yeasy
yeasy committed Jan 3, 2024
1 parent fc588b5 commit 517d46a
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions internal/pkg/gateway/commitstatus.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,11 @@ func (gs *Server) CommitStatus(ctx context.Context, signedRequest *gp.SignedComm
return nil, status.Errorf(codes.InvalidArgument, "invalid status request: %v", err)
}

// Validate the request has valid channel id and transaction id
if request.GetIdentity() == nil || request.GetChannelId() == "" || request.GetTransactionId() == "" {
return nil, status.Error(codes.InvalidArgument, "request must have valid identity, channel ID and transaction ID")
}

signedData := &protoutil.SignedData{
Data: signedRequest.GetRequest(),
Identity: request.GetIdentity(),
Expand Down

0 comments on commit 517d46a

Please sign in to comment.