From 6b0c8d8bcb74f91fe25672e915402bc05c44bbfe Mon Sep 17 00:00:00 2001
From: slasher125 <slasher125@protonmail.com>
Date: Thu, 16 Feb 2023 16:51:15 +0400
Subject: [PATCH] input check

---
 package-lock.json                    | 14 ++++++++++++++
 package.json                         |  1 +
 src/handlers/getChart.js             |  5 ++++-
 src/handlers/getHistoryLendBorrow.js |  5 ++++-
 4 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 38a488f..8918af1 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -28,6 +28,7 @@
         "pg-promise": "^10.11.1",
         "simple-statistics": "^7.7.5",
         "superagent": "^6.1.0",
+        "validator": "^13.9.0",
         "web3": "^1.4.0"
       },
       "devDependencies": {
@@ -18617,6 +18618,14 @@
         "builtins": "^1.0.3"
       }
     },
+    "node_modules/validator": {
+      "version": "13.9.0",
+      "resolved": "https://registry.npmjs.org/validator/-/validator-13.9.0.tgz",
+      "integrity": "sha512-B+dGG8U3fdtM0/aNK4/X8CXq/EcxU2WPrPEkJGslb47qyHsxmbggTWK0yEA4qnYVNF+nxNlN88o14hIcPmSIEA==",
+      "engines": {
+        "node": ">= 0.10"
+      }
+    },
     "node_modules/varint": {
       "version": "5.0.2",
       "resolved": "https://registry.npmjs.org/varint/-/varint-5.0.2.tgz",
@@ -34033,6 +34042,11 @@
         "builtins": "^1.0.3"
       }
     },
+    "validator": {
+      "version": "13.9.0",
+      "resolved": "https://registry.npmjs.org/validator/-/validator-13.9.0.tgz",
+      "integrity": "sha512-B+dGG8U3fdtM0/aNK4/X8CXq/EcxU2WPrPEkJGslb47qyHsxmbggTWK0yEA4qnYVNF+nxNlN88o14hIcPmSIEA=="
+    },
     "varint": {
       "version": "5.0.2",
       "resolved": "https://registry.npmjs.org/varint/-/varint-5.0.2.tgz",
diff --git a/package.json b/package.json
index 0e141de..87b74b3 100644
--- a/package.json
+++ b/package.json
@@ -32,6 +32,7 @@
     "pg-promise": "^10.11.1",
     "simple-statistics": "^7.7.5",
     "superagent": "^6.1.0",
+    "validator": "^13.9.0",
     "web3": "^1.4.0"
   },
   "devDependencies": {
diff --git a/src/handlers/getChart.js b/src/handlers/getChart.js
index 8dc068a..71123ec 100644
--- a/src/handlers/getChart.js
+++ b/src/handlers/getChart.js
@@ -1,6 +1,9 @@
 const { getYieldHistory } = require('../controllers/yieldController');
+const validator = require('validator');
 
 module.exports.handler = async (event, context) => {
   context.callbackWaitsForEmptyEventLoop = false;
-  return await getYieldHistory(event.pathParameters.configID);
+  const configID = event.pathParameters.configID;
+  if (!validator.isUUID()) return { status: 'unvalid parameter' };
+  return await getYieldHistory(configID);
 };
diff --git a/src/handlers/getHistoryLendBorrow.js b/src/handlers/getHistoryLendBorrow.js
index 5df7f19..02a6b38 100644
--- a/src/handlers/getHistoryLendBorrow.js
+++ b/src/handlers/getHistoryLendBorrow.js
@@ -1,6 +1,9 @@
 const { getYieldLendBorrowHistory } = require('../controllers/yieldController');
+const validator = require('validator');
 
 module.exports.handler = async (event, context) => {
   context.callbackWaitsForEmptyEventLoop = false;
-  return await getYieldLendBorrowHistory(event.pathParameters.configID);
+  const configID = event.pathParameters.configID;
+  if (!validator.isUUID()) return { status: 'unvalid parameter' };
+  return await getYieldLendBorrowHistory(configID);
 };