SystemSh0cker/gocsaf
1
0
Fork 0
mirror of https://github.com/gocsaf/csaf.git synced 2025-12-22 11:55:40 +01:00
Code Issues Releases Activity Actions

Make json parsing more strict
Some checks are pending
Go / build (push) Waiting to run
Details
Go / run_modver (push) Blocked by required conditions
Details

Browse source
This commit is contained in:
koplas 2025-07-02 17:06:25 +02:00
parent c833c00f84
commit fc3837d655
No known key found for this signature in database
13 changed files with 68 additions and 36 deletions
Download patch file Download diff file Expand all files Collapse all files

6
csaf/remotevalidation.go
View file

@ -18,6 +18,7 @@ import (
"net/http"
"sync"
"github.com/gocsaf/csaf/v3/internal/misc"
bolt "go.etcd.io/bbolt"
)
@ -180,7 +181,6 @@ func prepareCache(config string) (cache, error) {
return create()
}
return nil
}); err != nil {
db.Close()
return nil, err
@ -256,7 +256,7 @@ func deserialize(value []byte) (*RemoteValidationResult, error) {
}
defer r.Close()
var rvr RemoteValidationResult
if err := json.NewDecoder(r).Decode(&rvr); err != nil {
if err := misc.StrictJSONParse(r, &rvr); err != nil {
return nil, err
}
return &rvr, nil
@ -323,7 +323,7 @@ func (v *remoteValidator) Validate(doc any) (*RemoteValidationResult, error) {
// no cache -> process directly.
in = resp.Body
}
return json.NewDecoder(in).Decode(&rvr)
return misc.StrictJSONParse(in, &rvr)
}(); err != nil {
return nil, err
}