Add stronger nonce/confidence parsing (#865)

* Add negative guards for nonce and confirmation number/level

* Fix copy pasta on nonce vs consistencyLevel

* Add more direct int parsing of args

* Remove redundant checks for upper/lower bounds on int parsing

Co-authored-by: claudijd <jclaudius@jumptrading.com>
This commit is contained in:
Jonathan Claudius 2022-02-18 08:43:09 -05:00 committed by GitHub
parent 44c1f9e6a9
commit 6686d6aec8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 10 deletions

View File

@ -51,25 +51,17 @@ func init() {
} }
func postMessage(cmd *cobra.Command, args []string) { func postMessage(cmd *cobra.Command, args []string) {
nonce, err := strconv.Atoi(args[0]) nonce, err := strconv.ParseUint(args[0], 10, 32)
if err != nil { if err != nil {
cmd.PrintErrln("Could not parse nonce", err) cmd.PrintErrln("Could not parse nonce", err)
os.Exit(1) os.Exit(1)
} }
if nonce > math.MaxUint32 {
cmd.PrintErrln("Nonce must not exceed MaxUint32", err)
os.Exit(1)
}
consistencyLevel, err := strconv.Atoi(args[1]) consistencyLevel, err := strconv.ParseUint(args[1], 10, 8)
if err != nil { if err != nil {
cmd.PrintErrln("Could not parse confirmation number", err) cmd.PrintErrln("Could not parse confirmation number", err)
os.Exit(1) os.Exit(1)
} }
if consistencyLevel > math.MaxUint8 {
cmd.PrintErrln("Confirmation number must not exceed 255", err)
os.Exit(1)
}
message := common.Hex2Bytes(args[2]) message := common.Hex2Bytes(args[2])