limit update version string length (#61)

This commit is contained in:
Alex Goodman 2020-07-23 20:35:26 -04:00 committed by GitHub
parent 1891972748
commit bfca4d9e62
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 11 additions and 0 deletions

View file

@ -64,5 +64,9 @@ func fetchLatestApplicationVersion() (*hashiVersion.Version, error) {
} }
versionStr := strings.TrimSuffix(string(versionBytes), "\n") versionStr := strings.TrimSuffix(string(versionBytes), "\n")
if len(versionStr) > 50 {
return nil, fmt.Errorf("version too long: %q", versionStr[:50])
}
return hashiVersion.NewVersion(versionStr) return hashiVersion.NewVersion(versionStr)
} }

View file

@ -168,6 +168,13 @@ func TestFetchLatestApplicationVersion(t *testing.T) {
expected: nil, expected: nil,
err: true, err: true,
}, },
{
name: "too long",
response: "this is really long this is really long this is really long this is really long this is really long this is really long this is really long this is really long ",
code: 200,
expected: nil,
err: true,
},
} }
for _, test := range tests { for _, test := range tests {