Skip to content

fix: add bounds validation to token metadata type guard (CWE-1236)#964

Merged
Ejirowebfi merged 2 commits into
Favourorg:mainfrom
olaleyeolajide81-sketch:fix/validate-token-metadata
Jul 18, 2026
Merged

fix: add bounds validation to token metadata type guard (CWE-1236)#964
Ejirowebfi merged 2 commits into
Favourorg:mainfrom
olaleyeolajide81-sketch:fix/validate-token-metadata

Conversation

@olaleyeolajide81-sketch

Copy link
Copy Markdown
Contributor

Description

Beyond the description-length issue (#18), isTokenMetadata doesn't validate name length/content either, and doesn't validate that image/description/name are non-empty. Since this is the sole gate between arbitrary IPFS-pinned JSON and values the app treats as trusted, well-formed TokenMetadata throughout rendering, search/filter (tokenFilters.ts), and export code paths, any assumption those downstream consumers make about field shape beyond "is a string" is unverified. This is a narrower, related instance of the broader theme in #14/#18/#20 — the metadata read path is the weakest input-validation boundary in the app relative to how much of the UI trusts its output.

Tasks

Consolidate metadata validation into one well-tested function (potentially unifying with the fixes from #14 and #18) that checks: name non-empty and within a sane length, description within the length cap from #18, image matches isValidIPFSUri per #14.
Add unit tests for each rejected case (empty name, oversized name, non-IPFS image, oversized description) asserting getMetadata throws IPFSUploadError rather than returning a partially-invalid object.
Audit tokenFilters.ts and any search/sort code for assumptions about metadata field content that this stricter validation should now guarantee.
Acceptance Criteria

One consolidated, fully-tested metadata validator gates all IPFS-sourced metadata before it enters app state.
No downstream component needs its own defensive checks against malformed metadata shape (though defense-in-depth rendering safeguards from #18 remain).

closes #928

@Ejirowebfi
Ejirowebfi merged commit ab4cb5c into Favourorg:main Jul 18, 2026
8 of 9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

isTokenMetadata type guard validates shape but not bounds

2 participants