1 files changed, 39 insertions, 25 deletions

diff --git a/src/lib/merchant_api_get_webhooks.c b/src/lib/merchant_api_get_webhooks.c
index 521230e6..e702baac 100644
--- a/src/lib/merchant_api_get_webhooks.c
+++ b/src/lib/merchant_api_get_webhooks.c
@@ -32,6 +32,11 @@
 
 
 /**
+ * Maximum number of webhooks we return.
+ */
+#define MAX_WEBHOOKS 1024
+
+/**
  * Handle for a GET /webhooks operation.
  */
 struct TALER_MERCHANT_WebhooksGetHandle
@@ -77,33 +82,42 @@ parse_webhooks (const json_t *ia,
                 struct TALER_MERCHANT_WebhooksGetResponse *wgr,
                 struct TALER_MERCHANT_WebhooksGetHandle *wgh)
 {
-  unsigned int whook_len = json_array_size (ia);
-  struct TALER_MERCHANT_WebhookEntry whook[GNUNET_NZL (whook_len)];
-  size_t index;
-  json_t *value;
-
-  json_array_foreach (ia, index, value) {
-    struct TALER_MERCHANT_WebhookEntry *ie = &whook[index];
-    struct GNUNET_JSON_Specification spec[] = {
-      GNUNET_JSON_spec_string ("webhook_id",
-                               &ie->webhook_id),
-      GNUNET_JSON_spec_end ()
-    };
-
-    if (GNUNET_OK !=
-        GNUNET_JSON_parse (value,
-                           spec,
-                           NULL, NULL))
-    {
-      GNUNET_break_op (0);
-      return GNUNET_SYSERR;
+  unsigned int whook_len = (unsigned int) json_array_size (ia);
+
+  if ( (json_array_size (ia) != (size_t)  whook_len) ||
+       (whook_len > MAX_WEBHOOKS) )
+  {
+    GNUNET_break (0);
+    return GNUNET_SYSERR;
+  }
+  {
+    struct TALER_MERCHANT_WebhookEntry whook[GNUNET_NZL (whook_len)];
+    size_t index;
+    json_t *value;
+
+    json_array_foreach (ia, index, value) {
+      struct TALER_MERCHANT_WebhookEntry *ie = &whook[index];
+      struct GNUNET_JSON_Specification spec[] = {
+        GNUNET_JSON_spec_string ("webhook_id",
+                                 &ie->webhook_id),
+        GNUNET_JSON_spec_end ()
+      };
+
+      if (GNUNET_OK !=
+          GNUNET_JSON_parse (value,
+                             spec,
+                             NULL, NULL))
+      {
+        GNUNET_break_op (0);
+        return GNUNET_SYSERR;
+      }
     }
+    wgr->details.ok.webhooks_length = whook_len;
+    wgr->details.ok.webhooks = whook;
+    wgh->cb (wgh->cb_cls,
+             wgr);
+    wgh->cb = NULL; /* just to be sure */
   }
-  wgr->details.ok.webhooks_length = whook_len;
-  wgr->details.ok.webhooks = whook;
-  wgh->cb (wgh->cb_cls,
-           wgr);
-  wgh->cb = NULL; /* just to be sure */
   return GNUNET_OK;
 }