davide/purple-explorer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fixed string type query length vulnerabilty

Browse Source
This commit is contained in:
joeuhren
2020-11-20 11:02:27 -07:00
parent 3f7d87642f
commit 7f5a52e458
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app.js
+2 -1
View File
@@ -133,7 +133,8 @@ app.use('/ext/getbasicstats', function(req,res){
}); });
app.use('/ext/getaddresstxsajax', function(req,res){ app.use('/ext/getaddresstxsajax', function(req,res){
if(typeof req.query.length === 'undefined' || req.query.length > settings.txcount){ req.query.length = parseInt(req.query.length);
if(isNaN(req.query.length) || req.query.length > settings.index.last_txs){
req.query.length = settings.txcount; req.query.length = settings.txcount;
} }
db.get_address_txs_ajax(req.query.address, req.query.start, req.query.length,function(txs, count){ db.get_address_txs_ajax(req.query.address, req.query.start, req.query.length,function(txs, count){