Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add /tx-digest-hash endpoint to fetch last x tx digests #88

Open
wants to merge 1 commit into
base: dev
Choose a base branch
from
+51 −2
Open

Add /tx-digest-hash endpoint to fetch last x tx digests #88

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions src/Config.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -61,6 +61,7 @@ export interface Config {
MAX_ORIGINAL_TXS_PER_REQUEST: number
MAX_CYCLES_PER_REQUEST: number
MAX_BETWEEN_CYCLES_PER_REQUEST: number
MAX_DIGESTS_PER_REQUEST: number
}
cycleRecordsCache: {
enabled: boolean
Expand Down Expand Up @@ -157,6 +158,7 @@ let config: Config = {
MAX_ORIGINAL_TXS_PER_REQUEST: 100,
MAX_CYCLES_PER_REQUEST: 100,
MAX_BETWEEN_CYCLES_PER_REQUEST: 100,
MAX_DIGESTS_PER_REQUEST: 100,
},
cycleRecordsCache: {
enabled: false,
Expand Down
28 changes: 27 additions & 1 deletion src/txDigester/api.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,13 +1,18 @@
import { FastifyInstance, FastifyRequest } from 'fastify'
import { Server, IncomingMessage, ServerResponse } from 'http'
import { getTxDigestsForACycleRange } from './txDigestFunctions'
import { getLatestTxDigests, getTxDigestsForACycleRange } from './txDigestFunctions'
import { config } from '../Config'
import * as Utils from '../Utils'

type GetTxDigestsRequest = FastifyRequest<{
Querystring: {
cycleStart: number
cycleEnd: number
}
}>
type GetLatestTxDigestsRequest = FastifyRequest<{
Params: { count: string }
}>

/* To-Do: Add LRU cache for the tx-digests */
export function registerRoutes(server: FastifyInstance<Server, IncomingMessage, ServerResponse>): void {
Expand All @@ -34,4 +39,25 @@
console.log('Fetched Tx digests', txDigests)
reply.send(txDigests)
})

server.get('/api/tx-digest-hash/:count', async (_request: GetLatestTxDigestsRequest, reply) => {
const err = Utils.validateTypes(_request.params, { count: 's' })
if (err) {
reply.send({ success: false, error: err })
return
}
let count: number = parseInt(_request.params.count)
if (count <= 0 || Number.isNaN(count)) {
reply.send({ success: false, error: `Invalid count` })
return
}
if (count > config.REQUEST_LIMIT.MAX_DIGESTS_PER_REQUEST) {
count = config.REQUEST_LIMIT.MAX_DIGESTS_PER_REQUEST
}

console.log(`Fetching latest ${count} tx digests`)

Check warning

Code scanning / CodeQL

Log injection Medium

Log entry depends on a
user-provided value
Loading
.

Copilot Autofix AI about 1 month ago

To fix the log injection issue, we need to sanitize the count parameter before using it in the log statement. Specifically, we should ensure that the count parameter does not contain any characters that could be interpreted as new lines or other control characters. This can be achieved by converting the count to a string and replacing any newline characters with an empty string.

Suggested changeset 1
src/txDigester/api.ts

Autofix patch

Autofix patch
Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/src/txDigester/api.ts b/src/txDigester/api.ts
--- a/src/txDigester/api.ts
+++ b/src/txDigester/api.ts
@@ -56,4 +56,5 @@
     }
-    
-    console.log(`Fetching latest ${count} tx digests`)
+    // Sanitize the count parameter to prevent log injection
+    const sanitizedCount = count.toString().replace(/\n|\r/g, "")
+    console.log(`Fetching latest ${sanitizedCount} tx digests`)
     const txDigests = await getLatestTxDigests(count)
EOF
@@ -56,4 +56,5 @@
}

console.log(`Fetching latest ${count} tx digests`)
// Sanitize the count parameter to prevent log injection
const sanitizedCount = count.toString().replace(/\n|\r/g, "")
console.log(`Fetching latest ${sanitizedCount} tx digests`)
const txDigests = await getLatestTxDigests(count)
Copilot is powered by AI and may make mistakes. Always verify output.
Positive Feedback
Negative Feedback

Provide additional feedback

Please help us improve GitHub Copilot by sharing more details about this comment.

Please select one or more of the options
const txDigests = await getLatestTxDigests(count)
console.log('Fetched Tx digests', txDigests)
reply.send(txDigests)
})
}
7 changes: 7 additions & 0 deletions src/txDigester/txDigestFunctions.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -102,3 +102,10 @@ export const getTxDigestsForACycleRange = async (
const txDigests: txDigest.TransactionDigest[] = await txDigest.queryByCycleRange(cycleStart, cycleEnd)
return txDigests
}

export const getLatestTxDigests = async (
count: number
): Promise<txDigest.TransactionDigest[]> => {
const txDigests: txDigest.TransactionDigest[] = await txDigest.queryLatestTxDigests(count)
return txDigests
}
16 changes: 15 additions & 1 deletion src/txDigester/txDigests.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -79,7 +79,21 @@ export async function queryByCycleRange(startCycle: number, endCycle: number): P
}
return txDigests || []
} catch (e) {
console.error(e)
console.error('Error fetching txDigests from DB: ', e)
return []
}
}

export async function queryLatestTxDigests(count: number): Promise<TransactionDigest[]> {
try {
const sql = `SELECT * FROM txDigests ORDER BY cycleEnd DESC LIMIT ?`
const txDigests = (await db.all(digesterDatabase, sql, [count])) as TransactionDigest[]
if (config.VERBOSE) {
console.log('Latest Tx Digests', txDigests)
}
return txDigests || []
} catch (e) {
console.error('Error fetching latest tx digests from DB: ', e)
return []
}
}
Loading