Skip to content

Commit

Permalink
Add safety checks for toplist array and user IDs in updateBadgeholders
Browse files Browse the repository at this point in the history
  • Loading branch information
@DieterReinert
DieterReinert authored Dec 8, 2024
1 parent 7e6f448 commit 487be05
Showing 1 changed file with 30 additions and 4 deletions.
34 changes: 30 additions & 4 deletions server/chat-plugins/seasons.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -152,6 +152,12 @@ export async function getLadderTop(format: string) {
Monitor.crashlog(parseError, "Invalid JSON response from ladder request");
return null;
}

// Check that toplist is defined and is an array
if (!reply || !Array.isArray(reply.toplist)) {
Monitor.crashlog(new Error(`Invalid toplist format: ${JSON.stringify(reply)}`), "Ladder toplist read error");
return null;
}
return reply.toplist;
} catch (e) {
Monitor.crashlog(e, "A season ladder request");
Expand All @@ -165,22 +171,42 @@ export async function updateBadgeholders() {
if (!data.badgeholders[period]) {
data.badgeholders[period] = {};
}
for (const formatName of data.formatSchedule[findPeriod()]) {

Check failure on line 174 in server/chat-plugins/seasons.ts

View workflow job for this annotation

GitHub Actions / build (16.x) 

Trailing spaces not allowed
const currentPeriod = findPeriod();
const scheduledFormats = data.formatSchedule[currentPeriod];
if (!scheduledFormats) {
Monitor.crashlog(new Error(`No format schedule found for period ${currentPeriod}`), "Season badge update");
return;
}

for (const formatName of scheduledFormats) {
const formatid = `gen${Dex.gen}${formatName}`;
const response = await getLadderTop(formatid);
if (!response) continue; // ??

Check failure on line 185 in server/chat-plugins/seasons.ts

View workflow job for this annotation

GitHub Actions / build (16.x) 

Trailing spaces not allowed
// Ensure response is an array
if (!response || !Array.isArray(response)) {
continue;
}

const newHolders: Record<string, string[]> = {};
for (const [i, row] of response.entries()) {
let badgeType = null;
// Ensure row.userid is safe and a string
const userid = Utils.getString(row.userid);
if (!userid) {
continue; // skip if userid isn't readable
}

let badgeType: string | null = null;
for (const type in BADGE_THRESHOLDS) {
if ((i + 1) <= BADGE_THRESHOLDS[type]) {
badgeType = type;
break;
}
}

if (!badgeType) break;
if (!newHolders[badgeType]) newHolders[badgeType] = [];
newHolders[badgeType].push(row.userid);
newHolders[badgeType].push(userid);
}
data.badgeholders[period][formatid] = newHolders;
}
Expand Down

0 comments on commit 487be05

Please sign in to comment.