From 056bef7d5eb75d51b812f50b02df22fab39a8df8 Mon Sep 17 00:00:00 2001
From: Ralph Slooten
Date: Sat, 6 Aug 2022 23:35:58 +1200
Subject: [PATCH] Security: Use strconv.Atoi() for safe string to int conversions
---
 server/server.go | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)
diff --git a/server/server.go b/server/server.go
index 069ce67..65c111e 100644
--- a/server/server.go
+++ b/server/server.go
@@ -156,16 +156,13 @@ func getStartLimit(req *http.Request) (start int, limit int) {
  limit = 50
  s := req.URL.Query().Get("start")
- if n, e := strconv.ParseInt(s, 10, 64); e == nil && n > 0 {
- start = int(n)
+ if n, err := strconv.Atoi(s); err == nil && n > 0 {
+ start = n
  }
  l := req.URL.Query().Get("limit")
- if n, e := strconv.ParseInt(l, 10, 64); e == nil && n > 0 {
- if n > 500 {
- n = 500
- }
- limit = int(n)
+ if n, err := strconv.Atoi(l); err == nil && n > 0 {
+ limit = n
  }
  return start, limit
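Review bot: The `limit` branch no longer has an upper bound: the removed lines clamped `n` to 500, while the new `if n, err := strconv.Atoi(l); err == nil && n > 0 { limit = n }` accepts any positive value from the query string. Unless a cap is enforced further down the call chain (not visible here), one request can ask for an arbitrarily large page, which is a memory and CPU exhaustion risk for whatever serves the listing. Keep the clamp inside the new branch, `if n > 500 { n = 500 }` before `limit = n`, and preferably name 500 as a constant with a comment saying it is the maximum page size. The switch to `strconv.Atoi` is sound on its own, since it returns an error for values that do not fit in `int` instead of truncating them. getStartLimit starts above this hunk and its closing brace lies below it.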