From 7b4bb6eb543aaa784466ab11c0004a05e6ecde23 Mon Sep 17 00:00:00 2001 From: tnasu Date: Fri, 7 Oct 2022 18:10:45 +0900 Subject: [PATCH] Use `ReadFileWithSizeLimit` on `x/distribution` --- CHANGELOG.md | 1 + x/distribution/client/cli/utils.go | 8 +++++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index fc787270b7..cf27fb0f96 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -74,6 +74,7 @@ Ref: https://keepachangelog.com/en/1.0.0/ * (x/foundation) [\#686](https://github.com/line/lbm-sdk/pull/686) remove `Minthreshold` and `MinPercentage` from x/foundation config * (x/foundation) [\#693](https://github.com/line/lbm-sdk/pull/693) add pool to the state of x/foundation * (x/wasm) [\#696](https://github.com/line/lbm-sdk/pull/696) x/wasm - add checking a wasm file size before reading it +* (x/distribution) [\#696](https://github.com/line/lbm-sdk/pull/696) x/distribution - add checking a proposal file size before reading it ### Bug Fixes * (x/wasm) [\#453](https://github.com/line/lbm-sdk/pull/453) modify wasm grpc query api path diff --git a/x/distribution/client/cli/utils.go b/x/distribution/client/cli/utils.go index d63702dacf..bb00838d3c 100644 --- a/x/distribution/client/cli/utils.go +++ b/x/distribution/client/cli/utils.go @@ -1,9 +1,8 @@ package cli import ( - "os" - "github.com/line/lbm-sdk/codec" + "github.com/line/lbm-sdk/internal/os" "github.com/line/lbm-sdk/x/distribution/types" ) @@ -11,7 +10,10 @@ import ( func ParseCommunityPoolSpendProposalWithDeposit(cdc codec.JSONCodec, proposalFile string) (types.CommunityPoolSpendProposalWithDeposit, error) { proposal := types.CommunityPoolSpendProposalWithDeposit{} - contents, err := os.ReadFile(proposalFile) + // 2M size limit is enough for a proposal. + // Check the proposals: + // https://hubble.figment.io/cosmos/chains/cosmoshub-4/governance + contents, err := os.ReadFileWithSizeLimit(proposalFile, 2*1024*1024) if err != nil { return proposal, err }