You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by ja...@apache.org on 2011/10/29 20:22:31 UTC

git commit: Validate numeric argument to _revs_limit.

Updated Branches:
  refs/heads/master cc486419b -> 3b37d17d1


Validate numeric argument to _revs_limit.

Closes COUCHDB-1087

Patch by Lukasz Mielicki.


Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/3b37d17d
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/3b37d17d
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/3b37d17d

Branch: refs/heads/master
Commit: 3b37d17d1329dbb7515b05a849bfa6131ba1c89b
Parents: cc48641
Author: Jan Lehnardt <ja...@apache.org>
Authored: Sat Oct 29 20:17:11 2011 +0200
Committer: Jan Lehnardt <ja...@apache.org>
Committed: Sat Oct 29 20:21:48 2011 +0200

----------------------------------------------------------------------
 THANKS                                |    1 +
 share/www/script/test/rev_stemming.js |    8 ++++++++
 src/couchdb/couch_httpd_db.erl        |    9 +++++++--
 3 files changed, 16 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb/blob/3b37d17d/THANKS
----------------------------------------------------------------------
diff --git a/THANKS b/THANKS
index 5b1a03c..320d744 100644
--- a/THANKS
+++ b/THANKS
@@ -89,5 +89,6 @@ suggesting improvements or submitting changes. Some of these people are:
  * Alexander Shorin <kx...@gmail.com>
  * Christopher Bonhage <qu...@me.com>
  * Christian Carter <cd...@gmail.com>
+ * Lukasz Mielicki <mi...@gmail.com>
 
 For a list of authors see the `AUTHORS` file.

http://git-wip-us.apache.org/repos/asf/couchdb/blob/3b37d17d/share/www/script/test/rev_stemming.js
----------------------------------------------------------------------
diff --git a/share/www/script/test/rev_stemming.js b/share/www/script/test/rev_stemming.js
index 03d91c2..3e36f96 100644
--- a/share/www/script/test/rev_stemming.js
+++ b/share/www/script/test/rev_stemming.js
@@ -23,6 +23,14 @@ couchTests.rev_stemming = function(debug) {
 
   T(db.getDbProperty("_revs_limit") == 1000);
 
+  // Make an invalid request to _revs_limit
+  // Should return 400
+  var xhr = CouchDB.request("PUT", "/test_suite_db/_revs_limit", {body:"\"foo\""});
+  T(xhr.status == 400);
+  var result = JSON.parse(xhr.responseText);
+  T(result.error == "bad_request");
+  T(result.reason == "Rev limit has to be an integer");
+
   var doc = {_id:"foo",foo:0}
   for( var i=0; i < newLimit + 1; i++) {
     doc.foo++;

http://git-wip-us.apache.org/repos/asf/couchdb/blob/3b37d17d/src/couchdb/couch_httpd_db.erl
----------------------------------------------------------------------
diff --git a/src/couchdb/couch_httpd_db.erl b/src/couchdb/couch_httpd_db.erl
index 90ca33a..3d2d2c1 100644
--- a/src/couchdb/couch_httpd_db.erl
+++ b/src/couchdb/couch_httpd_db.erl
@@ -422,8 +422,13 @@ db_req(#httpd{path_parts=[_,<<"_security">>]}=Req, _Db) ->
 db_req(#httpd{method='PUT',path_parts=[_,<<"_revs_limit">>]}=Req,
         Db) ->
     Limit = couch_httpd:json_body(Req),
-    ok = couch_db:set_revs_limit(Db, Limit),
-    send_json(Req, {[{<<"ok">>, true}]});
+   case is_integer(Limit) of
+   true ->
+       ok = couch_db:set_revs_limit(Db, Limit),
+       send_json(Req, {[{<<"ok">>, true}]});
+   false ->
+       throw({bad_request, <<"Rev limit has to be an integer">>})
+   end;
 
 db_req(#httpd{method='GET',path_parts=[_,<<"_revs_limit">>]}=Req, Db) ->
     send_json(Req, couch_db:get_revs_limit(Db));