From d34fb4494e2a0055ba127b3a9d09164e5fd35e5c Mon Sep 17 00:00:00 2001
From: CalDescent <caldescent@protonmail.com>
Date: Thu, 16 Dec 2021 08:47:50 +0000
Subject: [PATCH] Validate input data when uploading, to make sure it's not
 empty or missing.

---
 .../api/resource/ArbitraryResource.java       | 24 +++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/src/main/java/org/qortal/api/resource/ArbitraryResource.java b/src/main/java/org/qortal/api/resource/ArbitraryResource.java
index 64380cbc..a2131d71 100644
--- a/src/main/java/org/qortal/api/resource/ArbitraryResource.java
+++ b/src/main/java/org/qortal/api/resource/ArbitraryResource.java
@@ -416,6 +416,10 @@ public class ArbitraryResource {
 					   String path) {
 		Security.checkApiCallAllowed(request);
 
+		if (path == null || path.isEmpty()) {
+			throw ApiExceptionFactory.INSTANCE.createCustomException(request, ApiError.INVALID_CRITERIA, "Path not supplied");
+		}
+
 		return this.upload(Service.valueOf(serviceString), name, null, path, null, null);
 	}
 
@@ -448,6 +452,10 @@ public class ArbitraryResource {
 					   		 			String base64) {
 		Security.checkApiCallAllowed(request);
 
+		if (base64 == null) {
+			throw ApiExceptionFactory.INSTANCE.createCustomException(request, ApiError.INVALID_CRITERIA, "Data not supplied");
+		}
+
 		return this.upload(Service.valueOf(serviceString), name, null, null, null, base64);
 	}
 
@@ -482,6 +490,10 @@ public class ArbitraryResource {
 							 String string) {
 		Security.checkApiCallAllowed(request);
 
+		if (string == null || string.isEmpty()) {
+			throw ApiExceptionFactory.INSTANCE.createCustomException(request, ApiError.INVALID_CRITERIA, "Data string not supplied");
+		}
+
 		return this.upload(Service.valueOf(serviceString), name, null, null, string, null);
 	}
 
@@ -518,6 +530,10 @@ public class ArbitraryResource {
 					   String path) {
 		Security.checkApiCallAllowed(request);
 
+		if (path == null || path.isEmpty()) {
+			throw ApiExceptionFactory.INSTANCE.createCustomException(request, ApiError.INVALID_CRITERIA, "Path not supplied");
+		}
+
 		return this.upload(Service.valueOf(serviceString), name, identifier, path, null, null);
 	}
 
@@ -553,6 +569,10 @@ public class ArbitraryResource {
 							 String string) {
 		Security.checkApiCallAllowed(request);
 
+		if (string == null || string.isEmpty()) {
+			throw ApiExceptionFactory.INSTANCE.createCustomException(request, ApiError.INVALID_CRITERIA, "Data string not supplied");
+		}
+
 		return this.upload(Service.valueOf(serviceString), name, identifier, null, string, null);
 	}
 
@@ -586,6 +606,10 @@ public class ArbitraryResource {
 							 			String base64) {
 		Security.checkApiCallAllowed(request);
 
+		if (base64 == null) {
+			throw ApiExceptionFactory.INSTANCE.createCustomException(request, ApiError.INVALID_CRITERIA, "Data not supplied");
+		}
+
 		return this.upload(Service.valueOf(serviceString), name, identifier, null, null, base64);
 	}