Crash with invalid integer value for `gt_last_modified`
Closed this issue · 0 comments
leplatrem commented
For example:
querystring = {
_sort: "last_modified",
gt_last_modified: "171103608603432920249' or '7127'='7127"
}
crashes with
DataError (psycopg2.errors.NumericValueOutOfRange) value "171103608603432920249' or '7127'='7127" is out of range for type bigint
LINE 7: AND as_epoch(last_modified) > '17110360860343292...
We should check here that integer is passed:
kinto/kinto/core/resource/__init__.py
Lines 1130 to 1131 in cb9cbf7