From 14f2ed32f13b55dbce0f417f21ccf7b68056ae05 Mon Sep 17 00:00:00 2001 From: Rasmus Dahlberg Date: Fri, 30 Oct 2020 16:09:11 +0100 Subject: added max range and get-entries sanity checking --- handler.go | 20 +++++--------------- 1 file changed, 5 insertions(+), 15 deletions(-) (limited to 'handler.go') diff --git a/handler.go b/handler.go index ae91bef..7b3edf9 100644 --- a/handler.go +++ b/handler.go @@ -80,11 +80,11 @@ func addEntry(ctx context.Context, i *Instance, w http.ResponseWriter, r *http.R // getEntries provides a list of entries from the Trillian backend func getEntries(ctx context.Context, i *Instance, w http.ResponseWriter, r *http.Request) (int, error) { - glog.Info("in getEntries") - request, err := NewGetEntriesRequest(r) + glog.Info("handling get-entries request") + request, err := NewGetEntriesRequest(i.LogParameters, r) if err != nil { return http.StatusBadRequest, err - } // request can be decoded and is valid + } // request can be decoded and is mostly valid (range not cmp vs tree size) trillianRequest := trillian.GetLeavesByRangeRequest{ LogId: i.LogParameters.TreeId, @@ -95,19 +95,9 @@ func getEntries(ctx context.Context, i *Instance, w http.ResponseWriter, r *http if err != nil { return http.StatusInternalServerError, fmt.Errorf("backend GetLeavesByRange request failed: %v", err) } - - // Santity check - if len(trillianResponse.Leaves) > int(request.End-request.Start+1) { - return http.StatusInternalServerError, fmt.Errorf("backend GetLeavesByRange returned too many leaves: %d for [%d,%d]", len(trillianResponse.Leaves), request.Start, request.End) - } - for i, leaf := range trillianResponse.Leaves { - if leaf.LeafIndex != request.Start+int64(i) { - return http.StatusInternalServerError, fmt.Errorf("backend GetLeavesByRange returned unexpected leaf index: wanted %d, got %d", request.Start+int64(i), leaf.LeafIndex) - } - - glog.Infof("Leaf(%d) => %v", request.Start+int64(i), leaf.GetLeafValue()) + if status, err := checkGetLeavesByRange(trillianResponse, request); err != nil { + return status, err } - // TODO: use the returned root for tree_size santity checking against start? response, err := NewGetEntriesResponse(trillianResponse.Leaves) if err != nil { -- cgit v1.2.3