From a1c78ad9d40ffe42257097c16e699f3aaa4382e0 Mon Sep 17 00:00:00 2001
From: -LAN- <laipz8200@outlook.com>
Date: Wed, 25 Dec 2024 18:36:52 +0800
Subject: [PATCH] fix(audio_service): validate message_id format using UUID
 (#12087)

Signed-off-by: -LAN- <laipz8200@outlook.com>
---
 api/services/audio_service.py | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/api/services/audio_service.py b/api/services/audio_service.py
index 973110f515..ef52301c0a 100644
--- a/api/services/audio_service.py
+++ b/api/services/audio_service.py
@@ -1,5 +1,6 @@
 import io
 import logging
+import uuid
 from typing import Optional
 
 from werkzeug.datastructures import FileStorage
@@ -122,6 +123,10 @@ class AudioService:
                     raise e
 
         if message_id:
+            try:
+                uuid.UUID(message_id)
+            except ValueError:
+                return None
             message = db.session.query(Message).filter(Message.id == message_id).first()
             if message is None:
                 return None