From 71a6e3f2e08639b258328791d84a613fcbeb5b0d Mon Sep 17 00:00:00 2001 From: Fabian Stamm Date: Sat, 21 May 2022 17:55:14 +0000 Subject: [PATCH] Fixing security bug --- package.json | 4 ++-- src/targets/typescript.ts | 4 +++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/package.json b/package.json index 2bf5aa8..9b8afee 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@hibas123/jrpcgen", - "version": "1.1.1", + "version": "1.1.2", "main": "lib/index.js", "license": "MIT", "packageManager": "yarn@3.1.1", @@ -8,7 +8,7 @@ "start": "ts-node src/index.ts", "test-start": "npm run start -- compile examples/example.jrpc --definition=examples/definition.json -o=ts-node:examples/Typescript/out -o=c#:examples/CSharp/Generated", "test-csharp": "cd examples/CSharp/Example/ && dotnet run", - "test-typescript": "ts-node examples/test.ts", + "test-typescript": "cd examples/Typescript && ts-node test.ts", "test": "npm run test-start && npm run test-csharp && npm run test-typescript", "build": "esbuild src/index.ts --bundle --platform=node --target=node14 --outfile=lib/jrpc.js", "prepublishOnly": "npm run build" diff --git a/src/targets/typescript.ts b/src/targets/typescript.ts index 9dbcb71..48ef7ba 100644 --- a/src/targets/typescript.ts +++ b/src/targets/typescript.ts @@ -372,7 +372,9 @@ export class TypescriptTarget extends CompileTarget { a(2, `if(Array.isArray(params)){`); a(3, `p = params;`); a(3, `while(p.length < ${fnc.inputs.length})`); - a(4, `p.push(undefined)`); + a(4, `p.push(undefined);`); + a(3, `if(p.length > ${fnc.inputs.length})`); + a(4, `throw new Error("Too many parameters!");`); a(2, `} else {`); for (const param of fnc.inputs) { a(3, `p.push(params["${param.name}"])`);