Validate emoji name length before saving to database

This commit is contained in:
silverpill 2023-04-06 15:43:44 +00:00
parent 970071a9f0
commit e950189086
2 changed files with 5 additions and 0 deletions

View file

@ -25,6 +25,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Added missing `CHECK` constraints to database tables. - Added missing `CHECK` constraints to database tables.
- Validate object ID length before saving post to database. - Validate object ID length before saving post to database.
- Validate emoji name length before saving to database.
## [1.19.1] - 2023-03-31 ## [1.19.1] - 2023-03-31

View file

@ -3,6 +3,7 @@ use regex::Regex;
use crate::errors::ValidationError; use crate::errors::ValidationError;
const EMOJI_NAME_RE: &str = r"^[a-zA-Z0-9._-]+$"; const EMOJI_NAME_RE: &str = r"^[a-zA-Z0-9._-]+$";
const EMOJI_NAME_SIZE_MAX: usize = 100; // database column limit
pub const EMOJI_MAX_SIZE: usize = 500 * 1000; // 500 kB pub const EMOJI_MAX_SIZE: usize = 500 * 1000; // 500 kB
pub const EMOJI_LOCAL_MAX_SIZE: usize = 50 * 1000; // 50 kB pub const EMOJI_LOCAL_MAX_SIZE: usize = 50 * 1000; // 50 kB
pub const EMOJI_MEDIA_TYPES: [&str; 4] = [ pub const EMOJI_MEDIA_TYPES: [&str; 4] = [
@ -17,6 +18,9 @@ pub fn validate_emoji_name(emoji_name: &str) -> Result<(), ValidationError> {
if !name_re.is_match(emoji_name) { if !name_re.is_match(emoji_name) {
return Err(ValidationError("invalid emoji name")); return Err(ValidationError("invalid emoji name"));
}; };
if emoji_name.len() > EMOJI_NAME_SIZE_MAX {
return Err(ValidationError("emoji name is too long"));
};
Ok(()) Ok(())
} }