From 0430aa8f23401d7c7a6265b65acf740c1cc4bd34 Mon Sep 17 00:00:00 2001 From: IsaccoSordo Date: Wed, 17 Jul 2024 12:52:22 +0200 Subject: [PATCH 1/2] fix: add amount check --- packages/beacon-dapp/src/dapp-client/DAppClient.ts | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/packages/beacon-dapp/src/dapp-client/DAppClient.ts b/packages/beacon-dapp/src/dapp-client/DAppClient.ts index ef6067219..b5c9c41e2 100644 --- a/packages/beacon-dapp/src/dapp-client/DAppClient.ts +++ b/packages/beacon-dapp/src/dapp-client/DAppClient.ts @@ -1778,6 +1778,14 @@ export class DAppClient extends Client { throw await this.sendInternalError('No active account!') } + if ( + input.operationDetails.some( + (detail: any) => detail.amount && detail.amount > Number.MAX_SAFE_INTEGER * 1_000_000 + ) + ) { + throw await this.sendInternalError('The amount requested is too large.') + } + const request: OperationRequestInput = { type: BeaconMessageType.OperationRequest, network: activeAccount.network || this.network, From 15d81b954a2ad87f5b5fb1250316f3ca9f6cc587 Mon Sep 17 00:00:00 2001 From: IsaccoSordo Date: Wed, 17 Jul 2024 13:22:57 +0200 Subject: [PATCH 2/2] chore: add number cast --- packages/beacon-dapp/src/dapp-client/DAppClient.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/beacon-dapp/src/dapp-client/DAppClient.ts b/packages/beacon-dapp/src/dapp-client/DAppClient.ts index b5c9c41e2..aa37326e8 100644 --- a/packages/beacon-dapp/src/dapp-client/DAppClient.ts +++ b/packages/beacon-dapp/src/dapp-client/DAppClient.ts @@ -1780,7 +1780,7 @@ export class DAppClient extends Client { if ( input.operationDetails.some( - (detail: any) => detail.amount && detail.amount > Number.MAX_SAFE_INTEGER * 1_000_000 + (detail: any) => detail.amount && Number(detail.amount) > Number.MAX_SAFE_INTEGER * 1_000_000 ) ) { throw await this.sendInternalError('The amount requested is too large.')