limit days length - Githubissues

contribsys / faktory

Language-agnostic persistent background job server

https://contribsys.com/faktory/

Other

5.66k stars 226 forks source link

limit days length #438

Closed Malayke closed 1 year ago

Malayke commented 1 year ago

limit the days length from URL query parameter to prevent out-of-memory in the (store *redisStore) History function

mperham commented 1 year ago

I would also put a check in the History function itself to limit its output anywhere it is called. Check the days input here:

https://github.com/contribsys/faktory/blob/314dab27911feeaebda8c8a0dc3e9dbb5358987c/storage/history.go#L35

Malayke commented 1 year ago

In my opinion, unreliable data submitted by users should be checked at its source, which means within the "days" function. If the check is done within the "History" function, there may still be issues if other functions subsequently call the "days" function.

mperham commented 1 year ago

I want the check in BOTH places.

Malayke commented 1 year ago

of course, it's up to you.

Malayke commented 1 year ago

hi @mperham , we added value check both in days and history function for now.

mperham commented 1 year ago

Looks like CI is broken, can't merge until I fix that.

mperham commented 1 year ago

Fixed, please merge main now so we can run CI.

mperham commented 1 year ago

Thank you!