go/mailpit
1
0
Fork 0
mirror of https://github.com/axllent/mailpit.git synced 2025-05-31 23:09:51 +02:00
Code Issues Releases Activity

Security: Use strconv.Atoi() for safe string to int conversions

Browse Source
This commit is contained in:
Ralph Slooten 2022-08-06 23:35:58 +12:00
parent 37eec298d7
commit 056bef7d5e
1 changed files with 4 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
server/server.go
View File

@ -156,16 +156,13 @@ func getStartLimit(req *http.Request) (start int, limit int) {
limit = 50
s := req.URL.Query().Get("start")
if n, e := strconv.ParseInt(s, 10, 64); e == nil && n > 0 {
start = int(n)
if n, err := strconv.Atoi(s); err == nil && n > 0 {
start = n
}
l := req.URL.Query().Get("limit")
if n, e := strconv.ParseInt(l, 10, 64); e == nil && n > 0 {
if n > 500 {
n = 500
}
limit = int(n)
if n, err := strconv.Atoi(l); err == nil && n > 0 {
limit = n
}
return start, limit