Validate emoji name length before saving to database

rafaelcaricio · Apr 6, 2023 · e950189 · e950189
1 parent 970071a
commit e950189
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -25,6 +25,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
 - Added missing `CHECK` constraints to database tables.
 - Validate object ID length before saving post to database.
+- Validate emoji name length before saving to database.
 
 ## [1.19.1] - 2023-03-31
 

diff --git a/src/validators/emojis.rs b/src/validators/emojis.rs
@@ -3,6 +3,7 @@ use regex::Regex;
 use crate::errors::ValidationError;
 
 const EMOJI_NAME_RE: &str = r"^[a-zA-Z0-9._-]+$";
+const EMOJI_NAME_SIZE_MAX: usize = 100; // database column limit
 pub const EMOJI_MAX_SIZE: usize = 500 * 1000; // 500 kB
 pub const EMOJI_LOCAL_MAX_SIZE: usize = 50 * 1000; // 50 kB
 pub const EMOJI_MEDIA_TYPES: [&str; 4] = [
@@ -17,6 +18,9 @@ pub fn validate_emoji_name(emoji_name: &str) -> Result<(), ValidationError> {
     if !name_re.is_match(emoji_name) {
         return Err(ValidationError("invalid emoji name"));
     };
+    if emoji_name.len() > EMOJI_NAME_SIZE_MAX {
+        return Err(ValidationError("emoji name is too long"));
+    };
     Ok(())
 }