Problem
The /api/images/upload endpoint validates file type and size, but does not enforce format or structure constraints on request body fields such as deviceAddress, imageHash, or cameraId.
Invalid values (e.g., malformed Ethereum addresses or incorrect hash formats) can propagate to deeper layers like blockchain calls, resulting in unclear errors and harder debugging.
Proposed Solution
Introduce structured validation for request payload using a schema-based approach.
- Validate Ethereum address format for
deviceAddress
- Validate hex format for
imageHash
- Limit length of
cameraId
- Reject malformed payloads early and clean up uploaded files
Impact
- Prevents invalid data from reaching core logic
- Improves clarity of error responses
- Makes the upload flow more robust and easier to debug
Problem
The
/api/images/uploadendpoint validates file type and size, but does not enforce format or structure constraints on request body fields such asdeviceAddress,imageHash, orcameraId.Invalid values (e.g., malformed Ethereum addresses or incorrect hash formats) can propagate to deeper layers like blockchain calls, resulting in unclear errors and harder debugging.
Proposed Solution
Introduce structured validation for request payload using a schema-based approach.
deviceAddressimageHashcameraIdImpact