From 7674653eec8d82ee70d722cfb9a1bd3824f37e38 Mon Sep 17 00:00:00 2001 From: Spacelord Date: Sun, 2 Feb 2025 19:47:32 +0100 Subject: [PATCH] Fix crash when using FullTextSearch with only asterisks in query --- src/handlers/db.ts | 12 ++++++++++++ src/routes/api/v1/alertContacts.ts | 6 +++++- 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/src/handlers/db.ts b/src/handlers/db.ts index c521f43..50ded9f 100644 --- a/src/handlers/db.ts +++ b/src/handlers/db.ts @@ -37,4 +37,16 @@ export function handlePrismaError(errorObj: any, res: Response, source: string) } } + +/** + * Checks if the given query only contains stars + * + * @export + * @param {string} fts_query FullTextSearch query + * @returns {boolean} Does the query only contains *? + */ +export function FTS_starChecker(fts_query: string) { + return(new RegExp("^[*]+$").test(fts_query)); +} + export default prisma; diff --git a/src/routes/api/v1/alertContacts.ts b/src/routes/api/v1/alertContacts.ts index c88591b..b304f27 100644 --- a/src/routes/api/v1/alertContacts.ts +++ b/src/routes/api/v1/alertContacts.ts @@ -1,5 +1,5 @@ import { Request, Response } from 'express'; -import db, { handlePrismaError } from '../../../handlers/db.js'; // Database +import db, { handlePrismaError, FTS_starChecker } from '../../../handlers/db.js'; // Database import log from '../../../handlers/log.js'; import { parseDynamicSortBy } from '../../../helpers/prisma_helpers.js'; import { schema_get, schema_post, schema_patch, schema_del } from './alertContacts_schema.js'; @@ -15,6 +15,10 @@ async function get(req: Request, res: Response) { // Query with FullTextSearch if (value.search !== undefined || value.id !== undefined) { + if (value.search !== undefined && FTS_starChecker(value.search)) { + res.status(400).json({ status: 'ERROR', errorcode: 'VALIDATION_ERROR', message: 'Search query cannot contain only asterisk/s (*)' }); + return; + } // with FullTextSearch if (!value.count) { // get all entrys