Merge pull request #781 from marle3003/alert-autofix-53

Potential fix for code scanning alert no. 53: Incorrect conversion between integer types

Author: marle3003

schema/avro/schema/parser_json.go

@@ -50,6 +50,10 @@ func parseType(v interface{}, s *Schema, typeName string) (interface{}, error) {
 			if math.Trunc(val) != val {
 				return 0, Errorf("type", "invalid type, expected %v but got %v", typeName, ToType(v))
 			}
+			// Ensure the value fits in a 32-bit signed integer
+			if val < math.MinInt32 || val > math.MaxInt32 {
+				return 0, Errorf("type", "integer value %v out of bounds for Avro int32", val)
+			}
 			return int(val), nil
 		}
 	case "long":

schema/avro/schema/parser_json_test.go

@@ -2,11 +2,14 @@ package schema_test
 
 import (
 	"encoding/json"
-	"github.com/stretchr/testify/require"
+	"fmt"
+	"math"
 	"mokapi/config/dynamic"
 	"mokapi/config/dynamic/dynamictest"
 	"mokapi/schema/avro/schema"
 	"testing"
+
+	"github.com/stretchr/testify/require"
 )
 
 func TestParser_Parse_Json(t *testing.T) {
@@ -50,6 +53,14 @@ func TestParser_Parse_Json(t *testing.T) {
 				require.EqualError(t, err, "invalid type, expected int but got float\nschema path #/type")
 			},
 		},
+		{
+			name:   "not int32",
+			input:  fmt.Sprintf("%v", int64(math.MaxInt32)+1),
+			schema: &schema.Schema{Type: []interface{}{"int"}},
+			test: func(t *testing.T, v interface{}, err error) {
+				require.EqualError(t, err, "integer value 2.147483648e+09 out of bounds for Avro int32\nschema path #/type")
+			},
+		},
 		{
 			name:   "long",
 			input:  `123`,