From 882ca926b9ea33663b02d0b375d965e34da9bc20 Mon Sep 17 00:00:00 2001
From: Ian Shim
Date: Mon, 13 Nov 2023 21:31:56 -0800
Subject: [PATCH] more security params validation
---
 disperser/apiserver/server.go | 11 ++++++++++-
 disperser/apiserver/server_test.go | 19 ++++++++++++++++++-
 2 files changed, 28 insertions(+), 2 deletions(-)
diff --git a/disperser/apiserver/server.go b/disperser/apiserver/server.go
index d3c7395cf..fc90e1009 100644
--- a/disperser/apiserver/server.go
+++ b/disperser/apiserver/server.go
@@ -78,10 +78,19 @@ func (s *DispersalServer) DisperseBlob(ctx context.Context, req *pb.DisperseBlob
 if len(securityParams) == 0 {
 return nil, fmt.Errorf("invalid request: security_params must not be empty")
 }
+ if len(securityParams) > 256 {
+ return nil, fmt.Errorf("invalid request: security_params must not exceed 256")
+ }
+ seenQuorums := make(map[uint32]struct{})
 // The quorum ID must be in range [0, 255]. It'll actually be converted
 // to uint8, so it cannot be greater than 255.
 for _, param := range securityParams {
+ if _, ok := seenQuorums[param.QuorumId]; ok {
+ return nil, fmt.Errorf("invalid request: security_params must not contain duplicate quorum_id")
+ }
+ seenQuorums[param.QuorumId] = struct{}{}
+
 if param.GetQuorumId() >= uint32(s.quorumCount) {
 err := s.updateQuorumCount(ctx)
 if err != nil {
@@ -89,7 +98,7 @@ func (s *DispersalServer) DisperseBlob(ctx context.Context, req *pb.DisperseBlob
 }
 if param.GetQuorumId() >= uint32(s.quorumCount) {
- return nil, fmt.Errorf("Invalid request: the quorum_id must be in range [0, %d], but found %d", s.quorumCount-1, param.GetQuorumId())
+ return nil, fmt.Errorf("invalid request: the quorum_id must be in range [0, %d], but found %d", s.quorumCount-1, param.GetQuorumId())
 }
 }
 }
diff --git a/disperser/apiserver/server_test.go b/disperser/apiserver/server_test.go
index 9d3dd075a..309a3bc82 100644
--- a/disperser/apiserver/server_test.go
+++ b/disperser/apiserver/server_test.go
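Review bot: The new duplicate check in the first server.go hunk reads `param.QuorumId` directly, while the range check just below it uses the nil-safe `param.GetQuorumId()`. If a nil element can ever reach this loop (for instance from an in-process caller that builds the slice by hand), the direct field read panics in the handler instead of returning a validation error. Using the getter in both places keeps the loop consistent: `if _, ok := seenQuorums[param.GetQuorumId()]; ok {` and `seenQuorums[param.GetQuorumId()] = struct{}{}`. The literal 256 in the length cap would also read better as a named constant tied to the uint8 quorum-ID range the comment describes, with a message that names what is counted, for example `security_params must not contain more than 256 entries`. DisperseBlob starts and ends outside this hunk.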
@@ -81,7 +81,24 @@ func TestDisperseBlobWithInvalidQuorum(t *testing.T) {
 },
 },
 })
- assert.ErrorContains(t, err, "Invalid request: the quorum_id must be in range [0, 1], but found 2")
+ assert.ErrorContains(t, err, "invalid request: the quorum_id must be in range [0, 1], but found 2")
+
+ _, err = dispersalServer.DisperseBlob(ctx, &pb.DisperseBlobRequest{
+ Data: data,
+ SecurityParams: []*pb.SecurityParams{
+ {
+ QuorumId: 0,
+ AdversaryThreshold: 80,
+ QuorumThreshold: 100,
+ },
+ {
+ QuorumId: 0,
+ AdversaryThreshold: 50,
+ QuorumThreshold: 90,
+ },
+ },
+ })
+ assert.ErrorContains(t, err, "invalid request: security_params must not contain duplicate quorum_id")
 }
 func TestGetBlobStatus(t *testing.T) {
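Review bot: The `len(securityParams) > 256` cap that this commit adds to DisperseBlob has no test here; only the duplicate quorum_id path is exercised after the existing range assertion. A case that sends 257 entries with distinct quorum IDs and asserts on `security_params must not exceed 256` would pin both the limit and the fact that the length check runs before the duplicate and range checks. TestDisperseBlobWithInvalidQuorum starts outside this hunk.

```go
	// … unchanged: out-of-range and duplicate quorum_id cases …

	tooMany := make([]*pb.SecurityParams, 257)
	for i := range tooMany {
		tooMany[i] = &pb.SecurityParams{
			QuorumId:           uint32(i),
			AdversaryThreshold: 80,
			QuorumThreshold:    100,
		}
	}
	_, err = dispersalServer.DisperseBlob(ctx, &pb.DisperseBlobRequest{
		Data:           data,
		SecurityParams: tooMany,
	})
	assert.ErrorContains(t, err, "invalid request: security_params must not exceed 256")
```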