Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

validate range of arguments to Collection#create

  • Loading branch information...
commit 3461987d350a38dedbd9b89dec164a15c2392075 1 parent f169dcc
Jonah Williams authored
Showing with 23 additions and 5 deletions.
  1. +8 −2 lib/will_paginate/collection.rb
  2. +15 −3 test/collection_test.rb
View
10 lib/will_paginate/collection.rb
@@ -47,10 +47,16 @@ class Collection < Array
def initialize(page, per_page, total = nil)
@current_page = page.to_i
raise InvalidPage.new(page, @current_page) if @current_page < 1
+ raise InvalidPage.new(page, @current_page) if @current_page > 9223372036854775807
@per_page = per_page.to_i
raise ArgumentError, "`per_page` setting cannot be less than 1 (#{@per_page} given)" if @per_page < 1
-
- self.total_entries = total if total
+ raise ArgumentError, "`per_page` setting cannot be greater than BIGINT" if @per_page > 9223372036854775807
+
+ if total
+ raise ArgumentError, "`total_entries` setting cannot be less than 0 (#{total} given)" if total < 0
+ raise ArgumentError, "`total_entries` setting cannot be greater than BIGINT" if total > 9223372036854775807
+ self.total_entries = total
+ end
end
# Just like +new+, but yields the object after instantiation and returns it
View
18 test/collection_test.rb
@@ -112,15 +112,27 @@ def test_guessing_total_count
end
def test_invalid_page
- bad_inputs = [0, -1, nil, '', 'Schnitzel']
+ bad_inputs = [0, -1, nil, '', 9223372036854775808, 'Schnitzel']
bad_inputs.each do |bad|
assert_raise(WillPaginate::InvalidPage) { create bad }
end
end
- def test_invalid_per_page_setting
- assert_raise(ArgumentError) { create(1, -1) }
+ def test_invalid_per_page
+ bad_inputs = [0, -1, 9223372036854775808, 'Schnitzel']
+
+ bad_inputs.each do |bad|
+ assert_raise(ArgumentError) { create(1, bad) }
+ end
+ end
+
+ def test_invalid_total_entries
+ bad_inputs = [-1, 9223372036854775808, 'Schnitzel']
+
+ bad_inputs.each do |bad|
+ assert_raise(ArgumentError) { create(1, 1, bad) }
+ end
end
def test_page_count_was_removed
Please sign in to comment.
Something went wrong with that request. Please try again.