geral2 · yuseok-kim-edushare · Feb 14, 2025 · Feb 14, 2025
diff --git a/API_Consumer/Consumers/Helper.cs b/API_Consumer/Consumers/Helper.cs
@@ -14,6 +14,16 @@ namespace SQLAPI_Consumer
     /// </summary>
     public  static class Helper
     {
+        static Helper()
+        {
+            // Add this static constructor to set global JSON parsing depth limit
+            // https://github.com/advisories/GHSA-5crp-9r3c-p9vr related codes
+            JsonConvert.DefaultSettings = () => new JsonSerializerSettings 
+            { 
+                MaxDepth = 128 // Recommended depth limit
+            };
+        }
+
         /// <summary>
         /// Static method used to Send multiple columns as result set thought Lists of string.
         /// </summary>
@@ -91,28 +101,28 @@ public static void SendResultValue(string ColumnName, string Value)
         public static void SendResultValue(ExtendedResult extResult)
         {
             var Header = new SqlMetaData[]
-            {
-                     new SqlMetaData(nameof(extResult.Result), SqlDbType.VarChar,SqlMetaData.Max),
-                     new SqlMetaData(nameof(extResult.ContentType), SqlDbType.VarChar,100),
-                     new SqlMetaData(nameof(extResult.Server), SqlDbType.VarChar,100),
+            {
+                     new SqlMetaData(nameof(extResult.Result), SqlDbType.VarChar,SqlMetaData.Max),
+                     new SqlMetaData(nameof(extResult.ContentType), SqlDbType.VarChar,100),
+                     new SqlMetaData(nameof(extResult.Server), SqlDbType.VarChar,100),
                      new SqlMetaData(nameof(extResult.StatusCode), SqlDbType.VarChar,100),
                      new SqlMetaData(nameof(extResult.StatusDescription), SqlDbType.VarChar,100),
                      new SqlMetaData(nameof(extResult.headers), SqlDbType.VarChar,SqlMetaData.Max)
-            };
-
+            };
+
             SqlDataRecord Record = new SqlDataRecord(Header);
 
             if (!SqlContext.Pipe.IsSendingResults)
                 SqlContext.Pipe.SendResultsStart(Record);
 
             if (SqlContext.Pipe.IsSendingResults)
             {
-                Record.SetValues(
-                                 extResult.Result
-                                , extResult.ContentType
-                                , extResult.Server
-                                , extResult.StatusCode
-                                , extResult.StatusDescription
+                Record.SetValues(
+                                 extResult.Result
+                                , extResult.ContentType
+                                , extResult.Server
+                                , extResult.StatusCode
+                                , extResult.StatusDescription
                                 , JsonConvert.SerializeObject(extResult.headers)
                                 );
 
@@ -160,44 +170,44 @@ public static void SendEmptyResult(SqlMetaData[] Header)
             }
         }
 
-        private static readonly Encoding SignatureEncoding = Encoding.UTF8;
-
+        private static readonly Encoding SignatureEncoding = Encoding.UTF8;
+
         /// <summary>
         /// public method to return that return SHA256
         /// </summary>
         /// <param name="message">parameters in URL</param>
         /// <param name="secret">SK</param>
-        /// <returns>string SHA256</returns>
-        public static string CreateSignature(string message, string secret)
-        {
-
-            byte[] keyBytes = SignatureEncoding.GetBytes(secret);
-            byte[] messageBytes = SignatureEncoding.GetBytes(message);
-            HMACSHA256 hmacsha256 = new HMACSHA256(keyBytes);
-
-            byte[] bytes = hmacsha256.ComputeHash(messageBytes);
-
-            return BitConverter.ToString(bytes).Replace("-", "").ToLower();
+        /// <returns>string SHA256</returns>
+        public static string CreateSignature(string message, string secret)
+        {
+
+            byte[] keyBytes = SignatureEncoding.GetBytes(secret);
+            byte[] messageBytes = SignatureEncoding.GetBytes(message);
+            HMACSHA256 hmacsha256 = new HMACSHA256(keyBytes);
+
+            byte[] bytes = hmacsha256.ComputeHash(messageBytes);
+
+            return BitConverter.ToString(bytes).Replace("-", "").ToLower();
         }
 
         /// <summary>
         /// Timestamp for signature
         /// </summary>
         /// <returns>string</returns>
-        public static string GetTimestamp()
+        public static string GetTimestamp()
         {
             var epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
             var timestamp  = (long)(DateTime.Now.ToUniversalTime() - epoch).TotalMilliseconds;
-            return timestamp.ToString();
-            //long milliseconds = System.DateTimeOffset.Now.ToUnixTimeMilliseconds();  
-            //return milliseconds.ToString();
+            return timestamp.ToString();
+            //long milliseconds = System.DateTimeOffset.Now.ToUnixTimeMilliseconds();  
+            //return milliseconds.ToString();
         }
 
         /// <summary>
         /// Get string's array of bytes 
         /// </summary>
         /// <returns>Base64 string</returns>
-        public static string GetBytes_Encoding(string _type, string _value)
+        public static string GetBytes_Encoding(string _type, string _value)
         {
             string byteArray;
 
@@ -217,7 +227,7 @@ public static string GetBytes_Encoding(string _type, string _value)
         /// Get string's array of bytes  Encoded ASCII
         /// </summary>
         /// <returns>Base64 string</returns>
-        public static string GetBytes_Encoding_ASCII(string _value)
+        public static string GetBytes_Encoding_ASCII(string _value)
         {
             var byteArray = Encoding.ASCII.GetBytes(_value);
 
@@ -228,7 +238,7 @@ public static string GetBytes_Encoding_ASCII(string _value)
         /// Get string's array of bytes Encoded UTF8
         /// </summary>
         /// <returns>Base64 string</returns>
-        public static string GetBytes_Encoding_UTF8(string _value)
+        public static string GetBytes_Encoding_UTF8(string _value)
         {
             var byteArray = Encoding.UTF8.GetBytes(_value);
 

diff --git a/API_Consumer/Properties/AssemblyInfo.cs b/API_Consumer/Properties/AssemblyInfo.cs
@@ -19,5 +19,5 @@
 //      Build Number
 //      Revision
 //
-[assembly: AssemblyVersion("2.3.6.1")]
-[assembly: AssemblyFileVersion("2.3.6.1")]
+[assembly: AssemblyVersion("2.3.6.2")]
+[assembly: AssemblyFileVersion("2.3.6.2")]