From 976a7c10b00b6176e8be6a627c132b789a3f29bd Mon Sep 17 00:00:00 2001
From: Brian Tiger Chow <brian.holderchow@gmail.com>
Date: Tue, 4 Nov 2014 02:09:40 -0800
Subject: [PATCH] fix(commands/http/client) cast safely

---
 commands/http/client.go | 33 ++++++++++++++++++++++++++++-----
 1 file changed, 28 insertions(+), 5 deletions(-)

diff --git a/commands/http/client.go b/commands/http/client.go
index 9db9038db7ad..748f50365135 100644
--- a/commands/http/client.go
+++ b/commands/http/client.go
@@ -3,6 +3,7 @@ package http
 import (
 	"bytes"
 	"encoding/json"
+	"errors"
 	"fmt"
 	"io"
 	"net/http"
@@ -12,6 +13,8 @@ import (
 	cmds "github.com/jbenet/go-ipfs/commands"
 )
 
+var castError = errors.New("cast error")
+
 const (
 	ApiUrlFormat = "http://%s%s/%s?%s"
 	ApiPath      = "/api/v0" // TODO: make configurable
@@ -33,11 +36,19 @@ func NewClient(address string) Client {
 func (c *client) Send(req cmds.Request) (cmds.Response, error) {
 	var userEncoding string
 	if enc, found := req.Option(cmds.EncShort); found {
-		userEncoding = enc.(string)
+		var ok bool
+		userEncoding, ok = enc.(string)
+		if !ok {
+			return nil, castError
+		}
 		req.SetOption(cmds.EncShort, cmds.JSON)
 	} else {
+		var ok bool
 		enc, _ := req.Option(cmds.EncLong)
-		userEncoding = enc.(string)
+		userEncoding, ok = enc.(string)
+		if !ok {
+			return nil, castError
+		}
 		req.SetOption(cmds.EncLong, cmds.JSON)
 	}
 
@@ -73,7 +84,11 @@ func getQuery(req cmds.Request) (string, io.Reader, error) {
 
 	query := url.Values{}
 	for k, v := range req.Options() {
-		query.Set(k, v.(string))
+		str, ok := v.(string)
+		if !ok {
+			return "", nil, castError
+		}
+		query.Set(k, str)
 	}
 
 	args := req.Arguments()
@@ -86,14 +101,22 @@ func getQuery(req cmds.Request) (string, io.Reader, error) {
 		}
 
 		if argDef.Type == cmds.ArgString {
-			query.Add("arg", arg.(string))
+			str, ok := arg.(string)
+			if !ok {
+				return "", nil, castError
+			}
+			query.Add("arg", str)
 
 		} else {
 			// TODO: multipart
 			if inputStream != nil {
 				return "", nil, fmt.Errorf("Currently, only one file stream is possible per request")
 			}
-			inputStream = arg.(io.Reader)
+			var ok bool
+			inputStream, ok = arg.(io.Reader)
+			if !ok {
+				return "", nil, castError
+			}
 		}
 	}