From e5c44c9c2a0d78d1a9839cba57f3ddc993ca6c20 Mon Sep 17 00:00:00 2001
From: Claas Augner <caugner@mozilla.com>
Date: Fri, 31 May 2024 18:56:24 +0200
Subject: [PATCH] fix(cloud-function): sanitize pong/get input

---
 libs/pong/pong2.js | 23 +++++++++++++++++------
 1 file changed, 17 insertions(+), 6 deletions(-)

diff --git a/libs/pong/pong2.js b/libs/pong/pong2.js
index b48aa3c8bb73..fc312479fd25 100644
--- a/libs/pong/pong2.js
+++ b/libs/pong/pong2.js
@@ -4,14 +4,25 @@ import anonymousIpByCC from "./cc2ip.js";
 
 export function createPong2GetHandler(zoneKeys, coder) {
   return async (body, countryCode, userAgent) => {
-    const { pongs = null } = body;
+    let { pongs = null } = body;
+
+    // Validate.
+    if (!Array.isArray(pongs)) {
+      return { statusCode: 400, payload: { status: "invalid" } };
+    }
+
+    // Sanitize.
+    pongs = pongs.filter((p) => p in zoneKeys);
+
+    if (pongs.length == 0) {
+      return { statusCode: 400, payload: { status: "empty" } };
+    }
+
     const anonymousIp = anonymousIpByCC(countryCode);
 
-    const placements = pongs
-      .filter((p) => p in zoneKeys)
-      .map((p) => {
-        return { name: p, zoneKey: [zoneKeys[p]] };
-      });
+    const placements = pongs.map((p) => {
+      return { name: p, zoneKey: [zoneKeys[p]] };
+    });
 
     const requests = placements.map(async ({ name, zoneKey }) => {
       const res = await (