status-im
/
go-waku
mirror of https://github.com/status-im/go-waku.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

fix: validate lightpush requests (#1082)

This commit is contained in:
richΛrd 2024-04-15 09:36:18 -04:00 committed by GitHub
parent 714a310462
commit 46b4efec56
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 19 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
cmd/waku/server/rest/lightpush_rest.go
View File

@ -33,6 +33,7 @@ func (msg lightpushRequest) Check() error {
if msg.Message == nil { if msg.Message == nil {
return errors.New("waku message is required") return errors.New("waku message is required")
} }
return nil return nil
} }
@ -66,6 +67,19 @@ func (serv *LightpushService) postMessagev1(w http.ResponseWriter, req *http.Req
message, err := request.Message.ToProto() message, err := request.Message.ToProto()
if err != nil { if err != nil {
w.WriteHeader(http.StatusBadRequest) w.WriteHeader(http.StatusBadRequest)
_, err = w.Write([]byte(err.Error()))
if err != nil {
serv.log.Error("writing response", zap.Error(err))
}
return
}
if err = message.Validate(); err != nil {
w.WriteHeader(http.StatusServiceUnavailable)
_, err = w.Write([]byte(err.Error()))
if err != nil {
serv.log.Error("writing response", zap.Error(err))
}
return return
} }

7
waku/v2/protocol/lightpush/waku_lightpush.go
View File

@ -126,7 +126,7 @@ func (wakuLP *WakuLightPush) onRequest(ctx context.Context) func(network.Stream)
responsePushRPC.RequestId = requestPushRPC.RequestId responsePushRPC.RequestId = requestPushRPC.RequestId
if err := requestPushRPC.ValidateRequest(); err != nil { if err := requestPushRPC.ValidateRequest(); err != nil {
responseMsg := err.Error() responseMsg := "invalid request: " + err.Error()
responsePushRPC.Response.Info = &responseMsg responsePushRPC.Response.Info = &responseMsg
wakuLP.metrics.RecordError(requestBodyFailure) wakuLP.metrics.RecordError(requestBodyFailure)
wakuLP.reply(stream, responsePushRPC, logger) wakuLP.reply(stream, responsePushRPC, logger)
@ -204,6 +204,9 @@ func (wakuLP *WakuLightPush) request(ctx context.Context, req *pb.PushRequest, p
return nil, err return nil, err
} }
pushRequestRPC := &pb.PushRpc{RequestId: hex.EncodeToString(params.requestID), Request: req} pushRequestRPC := &pb.PushRpc{RequestId: hex.EncodeToString(params.requestID), Request: req}
if err = pushRequestRPC.ValidateRequest(); err != nil {
return nil, err
}
writer := pbio.NewDelimitedWriter(stream) writer := pbio.NewDelimitedWriter(stream)
reader := pbio.NewDelimitedReader(stream, math.MaxInt32) reader := pbio.NewDelimitedReader(stream, math.MaxInt32)
@ -233,7 +236,7 @@ func (wakuLP *WakuLightPush) request(ctx context.Context, req *pb.PushRequest, p
if err = pushResponseRPC.ValidateResponse(pushRequestRPC.RequestId); err != nil { if err = pushResponseRPC.ValidateResponse(pushRequestRPC.RequestId); err != nil {
wakuLP.metrics.RecordError(responseBodyFailure) wakuLP.metrics.RecordError(responseBodyFailure)
return nil, err return nil, fmt.Errorf("invalid response: %w", err)
} }
return pushResponseRPC.Response, nil return pushResponseRPC.Response, nil