Fix erroneous JSON data loading #5

Merged
seabass merged 1 commits from seabass/matchbot:fix-json-loading into master 2022-03-29 21:15:14 +02:00
Owner

This pull request resolves issue #4, fixing a security vulnerability described in that issue.

Commits

Move processing out of clojure.data.json/read call

This commit removes from the call to clojure.data.json/read the conversion of the serialised list of players into a Clojure set, and adds an independent function to do this task instead.

Since the structure of the serialised data is known in advance, the recursive characteristics of clojure.data.json are not needed.

This pull request resolves issue #4, fixing a security vulnerability described in that issue. # Commits ## [Move processing out of clojure.data.json/read call](https://git.libregaming.org/seabass/matchbot/commit/6cce43f137e38bc07b9f21532a06a72b88b60db6) This commit removes from the call to clojure.data.json/read the conversion of the serialised list of players into a Clojure set, and adds an independent function to do this task instead. Since the structure of the serialised data is known in advance, the recursive characteristics of clojure.data.json are not needed.
seabass added this to the 1.0.1 milestone 2022-03-28 23:24:06 +02:00
seabass added the
security
label 2022-03-28 23:24:06 +02:00
seabass added 1 commit 2022-03-28 23:24:07 +02:00
6cce43f137 Move processing out of clojure.data.json/read call
This commit removes from the call to clojure.data.json/read the
conversion of the serialised list of players into a Clojure set, and
adds an independent function to do this task instead.

Since the structure of the serialised data is known in advance, the
recursive characteristics of clojure.data.json are not needed.

Resolves issue #4

Signed-off-by: Sebastian Crane <seabass-labrax@gmx.com>
seabass merged commit 6cce43f137 into master 2022-03-29 21:15:14 +02:00
Sign in to join this conversation.
No reviewers
No Label
security
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Reference: LibreGaming/matchbot#5
No description provided.