From 81c5e26a0ad9ce945b8266eb7cd0ddd6804bda01 Mon Sep 17 00:00:00 2001
From: ansuz <ansuz@transitiontech.ca>
Date: Mon, 24 Apr 2017 12:10:12 +0200
Subject: [PATCH] validate rpc messages more carefully

---
 rpc.js | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/rpc.js b/rpc.js
index 921d3f5ba..d68fa78b4 100644
--- a/rpc.js
+++ b/rpc.js
@@ -385,14 +385,22 @@ RPC.create = function (config, cb) {
     var store;
 
     var rpc = function (ctx, data, respond) {
+        if (!Array.isArray(data)) {
+            return void respond('INVALID_ARG_FORMAT');
+        }
+
         if (!data.length) {
             return void respond("INSUFFICIENT_ARGS");
         } else if (data.length !== 1) {
-            console.log(data.length);
+            console.log('[UNEXPECTED_ARGUMENTS_LENGTH] %s', data.length);
         }
 
         var msg = data[0].slice(0);
 
+        if (!Array.isArray(msg)) {
+            return void respond('INVALID_ARG_FORMAT');
+        }
+
         var signature = msg.shift();
         var publicKey = msg.shift();