Fix TypeError crash in SEP-7 replace parameter parsing#227
Fix TypeError crash in SEP-7 replace parameter parsing#227CassioMG wants to merge 8 commits intorelease/1.10.0from
replace parameter parsing#227Conversation
There was a problem hiding this comment.
Pull request overview
This pull request fixes a TypeError crash in the SEP-7 replacement parameter parsing when the hints delimiter (;) is missing from the replace parameter string. The crash occurred because the code attempted to call .split() on an undefined value when no hints section was present in the replacement string format.
Changes:
- Added a guard clause to check for
hintsStringexistence before calling.split()to prevent the TypeError crash - Added comprehensive test coverage for replacements without hints (multiple fields, single field, undefined/empty input)
- Added end-to-end test verifying
Sep7Tx.getReplacements()handles URIs with missing hints section
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| @stellar/typescript-wallet-sdk/src/walletSdk/Uri/sep7Parser.ts | Added conditional check for hintsString before processing hints to prevent TypeError when the semicolon delimiter is missing |
| @stellar/typescript-wallet-sdk/test/sep7.test.ts | Added 4 new test cases covering replacements without hints, including edge cases and end-to-end validation |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Per the SEP-7 spec, reference identifiers must be balanced on both sides of the semicolon delimiter. Previously, a replace value without a semicolon caused a TypeError crash. Now, sep7ReplacementsFromString validates that all identifiers match between the txrep and hints sections, throwing Sep7InvalidUriError on invalid input.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 2 out of 2 changed files in this pull request and generated no new comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Extract hardcoded 4096 length limit to URI_REPLACE_MAX_LENGTH constant - Validate hint entries have both identifier and hint value - Validate txrep entries have non-empty path values
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 3 out of 3 changed files in this pull request and generated no new comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
1 participant
Summary
TypeErrorinsep7ReplacementsFromStringwhen thereplaceparameter string is missing the;hints delimiterreplacevalues with unbalanced reference identifiersProblem
sep7ReplacementsFromStringcalls.split()onhintsStringwithout checking if it exists. When areplaceparameter value lacks the;delimiter (e.g.sourceAccount:Xinstead ofsourceAccount:X;X:some hint), the destructuring on line 165 leaveshintsStringasundefined, and the immediate.split()call on line 166 throws:Fix
Per the SEP-7 spec:
The fix:
undefinedonhintsStringto prevent theTypeErrorSep7InvalidUriErrorwith a descriptive message when identifiers are unbalanced, instead of silently accepting invalid inputTests added
;delimiter) — single and multiple fields — throwsSep7InvalidUriErrorsourceAccount:X;Y:The account) — throwsSep7InvalidUriErrorundefinedand empty string input — returns[]Sep7Tx.getReplacements()with a URI whosereplaceparam has no hints — throwsSep7InvalidUriError