From 556af11d3bb90c41bf5bff5c0bcc2435543b812d Mon Sep 17 00:00:00 2001
From: moneromooo-monero <moneromooo-monero@users.noreply.github.com>
Date: Tue, 23 Feb 2021 18:54:25 +0000
Subject: [PATCH] epee: return HTTP error 400 (Bad request) on deserialization
 error

It's better than 404 (Not found)
---
 .../epee/include/net/http_server_handlers_map2.h | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/contrib/epee/include/net/http_server_handlers_map2.h b/contrib/epee/include/net/http_server_handlers_map2.h
index 1665fdac7..ffb3f3b7e 100644
--- a/contrib/epee/include/net/http_server_handlers_map2.h
+++ b/contrib/epee/include/net/http_server_handlers_map2.h
@@ -74,7 +74,13 @@
       uint64_t ticks = misc_utils::get_tick_count(); \
       boost::value_initialized<command_type::request> req; \
       bool parse_res = epee::serialization::load_t_from_json(static_cast<command_type::request&>(req), query_info.m_body); \
-      CHECK_AND_ASSERT_MES(parse_res, false, "Failed to parse json: \r\n" << query_info.m_body); \
+      if (!parse_res) \
+      { \
+         MERROR("Failed to parse json: \r\n" << query_info.m_body); \
+         response_info.m_response_code = 400; \
+         response_info.m_response_comment = "Bad request"; \
+         return true; \
+      } \
       uint64_t ticks1 = epee::misc_utils::get_tick_count(); \
       boost::value_initialized<command_type::response> resp;\
       MINFO(m_conn_context << "calling " << s_pattern); \
@@ -104,7 +110,13 @@
       uint64_t ticks = misc_utils::get_tick_count(); \
       boost::value_initialized<command_type::request> req; \
       bool parse_res = epee::serialization::load_t_from_binary(static_cast<command_type::request&>(req), epee::strspan<uint8_t>(query_info.m_body)); \
-      CHECK_AND_ASSERT_MES(parse_res, false, "Failed to parse bin body data, body size=" << query_info.m_body.size()); \
+      if (!parse_res) \
+      { \
+         MERROR("Failed to parse bin body data, body size=" << query_info.m_body.size()); \
+         response_info.m_response_code = 400; \
+         response_info.m_response_comment = "Bad request"; \
+         return true; \
+      } \
       uint64_t ticks1 = misc_utils::get_tick_count(); \
       boost::value_initialized<command_type::response> resp;\
       MINFO(m_conn_context << "calling " << s_pattern); \