From bab71e8b1e31af3e72cd12936e834b775f82285b Mon Sep 17 00:00:00 2001 From: pschork <354473+pschork@users.noreply.github.com> Date: Thu, 7 Nov 2024 16:25:55 -0800 Subject: [PATCH] Fix conversion between integer types (#872) Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- disperser/dataapi/server.go | 26 ++++++++++---------------- 1 file changed, 10 insertions(+), 16 deletions(-) diff --git a/disperser/dataapi/server.go b/disperser/dataapi/server.go index 804ed5fd57..abed52e39b 100644 --- a/disperser/dataapi/server.go +++ b/disperser/dataapi/server.go @@ -6,6 +6,7 @@ import ( "encoding/json" "errors" "fmt" + "math" "math/big" "net/http" "os" @@ -898,35 +899,28 @@ func (s *server) FetchOperatorEjections(c *gin.Context) { operatorId := c.DefaultQuery("operator_id", "") // If not specified, defaults to all operators days := c.DefaultQuery("days", "1") // If not specified, defaults to 1 - daysInt, err := strconv.Atoi(days) - if err != nil { + parsedDays, err := strconv.ParseInt(days, 10, 32) + if err != nil || parsedDays < math.MinInt32 || parsedDays > math.MaxInt32 { c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid 'days' parameter"}) return } + daysInt := int32(parsedDays) first := c.DefaultQuery("first", "1000") // If not specified, defaults to 1000 - firstInt, err := strconv.Atoi(first) - if err != nil { - c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid 'first' parameter"}) - return - } - - if firstInt < 1 || firstInt > 10000 { + parsedFirst, err := strconv.ParseInt(first, 10, 32) + if err != nil || parsedFirst < 1 || parsedFirst > 10000 { c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid 'first' parameter. Value must be between 1..10000"}) return } + firstInt := int32(parsedFirst) skip := c.DefaultQuery("skip", "0") // If not specified, defaults to 0 - skipInt, err := strconv.Atoi(skip) - if err != nil { - c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid 'skip' parameter"}) - return - } - - if skipInt < 0 || skipInt > 1000000000 { + parsedSkip, err := strconv.ParseInt(skip, 10, 32) + if err != nil || parsedSkip < 0 || parsedSkip > 1000000000 { c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid 'skip' parameter. Value must be between 0..1000000000"}) return } + skipInt := int32(parsedSkip) operatorEjections, err := s.getOperatorEjections(c.Request.Context(), int32(daysInt), operatorId, uint(firstInt), uint(skipInt)) if err != nil {