Fixed value overflows break query validation.

Author: michaelstaib

src/HotChocolate/Core/src/Types/Types/Scalars/IntType.cs

@@ -50,9 +50,9 @@ public IntType(
         Description = description;
     }
 
-    protected override int ParseLiteral(IntValueNode valueSyntax) =>
-        valueSyntax.ToInt32();
+    protected override int ParseLiteral(IntValueNode valueSyntax)
+        => valueSyntax.ToInt32();
 
-    protected override IntValueNode ParseValue(int runtimeValue) =>
-        new(runtimeValue);
+    protected override IntValueNode ParseValue(int runtimeValue)
+        => new(runtimeValue);
 }

src/HotChocolate/Core/src/Types/Types/Scalars/IntegerTypeBase.cs

@@ -27,7 +27,14 @@ protected IntegerTypeBase(
 
     protected override bool IsInstanceOfType(IntValueNode valueSyntax)
     {
-        return IsInstanceOfType(ParseLiteral(valueSyntax));
+        try
+        {
+            return IsInstanceOfType(ParseLiteral(valueSyntax));
+        }
+        catch (InvalidFormatException)
+        {
+            return false;
+        }
     }
 
     protected override bool IsInstanceOfType(TRuntimeType runtimeValue)

src/HotChocolate/Core/src/Validation/Rules/ValueVisitor.cs

@@ -222,7 +222,7 @@ protected override ISyntaxVisitorAction Enter(
                                     inputObjectType));
                         }
                         else if (value.Value.Kind is SyntaxKind.Variable &&
-                            !IsInstanceOfType(context, new NonNullType(field.Type), value.Value))
+                            !TryIsInstanceOfType(context, new NonNullType(field.Type), value.Value))
                         {
                             context.ReportError(
                                 context.OneOfVariablesMustBeNonNull(
@@ -331,7 +331,7 @@ protected override ISyntaxVisitorAction Enter(
         if (context.Types.TryPeek(out IType? currentType) &&
             currentType is IInputType locationType)
         {
-            if (valueNode.IsNull() || IsInstanceOfType(context, locationType, valueNode))
+            if (valueNode.IsNull() || TryIsInstanceOfType(context, locationType, valueNode))
             {
                 return Skip;
             }
@@ -347,7 +347,7 @@ protected override ISyntaxVisitorAction Enter(
         return Skip;
     }
 
-    private bool TryCreateValueError(
+    private static bool TryCreateValueError(
         IDocumentValidatorContext context,
         IInputType locationType,
         IValueNode valueNode,
@@ -389,6 +389,23 @@ private bool TryPeekLastDefiningSyntaxNode(
         return false;
     }
 
+    private bool TryIsInstanceOfType(
+        IDocumentValidatorContext context,
+        IInputType inputType,
+        IValueNode value)
+    {
+        try
+        {
+            return IsInstanceOfType(context, inputType, value);
+        }
+        // in the case a scalar IsInstanceOfType check is not done well an throws we will
+        // catch this here and make sure that the validation fails correctly.
+        catch
+        {
+            return false;
+        }
+    }
+
     private bool IsInstanceOfType(
         IDocumentValidatorContext context,
         IInputType inputType,

src/HotChocolate/Core/test/Validation.Tests/ValuesOfCorrectTypeRuleTests.cs

@@ -211,10 +211,21 @@ public void GoodIntNegativeValue()
             ");
         }
 
-        [Fact]
-        public void GoodNullToBooleanNullableValue()
-        {
-            ExpectValid(@"
+    [Fact]
+    public void OverflowInt()
+    {
+        ExpectErrors($@"
+            {{
+              arguments {{
+                intArgField(intArg: {long.MaxValue})
+              }}
+            }}");
+    }
+
+    [Fact]
+    public void GoodNullToBooleanNullableValue()
+    {
+        ExpectValid(@"
                 {
                   arguments {
                     booleanArgField(booleanArg: true)

src/HotChocolate/Core/test/Validation.Tests/__snapshots__/ValuesOfCorrectTypeRuleTests.OverflowInt.snap

@@ -0,0 +1,44 @@
+[
+  {
+    "Message": "The specified argument value does not match the argument type.",
+    "Code": null,
+    "Path": {
+      "Name": "intArgField",
+      "Parent": {
+        "Name": "arguments",
+        "Parent": {
+          "Parent": null,
+          "Depth": -1,
+          "IsRoot": true
+        },
+        "Depth": 0,
+        "IsRoot": false
+      },
+      "Depth": 1,
+      "IsRoot": false
+    },
+    "Locations": [
+      {
+        "Line": 4,
+        "Column": 37
+      }
+    ],
+    "Extensions": {
+      "argument": "intArg",
+      "argumentValue": "9223372036854775807",
+      "locationType": "Int",
+      "specifiedBy": "http://spec.graphql.org/October2021/#sec-Values-of-Correct-Type"
+    },
+    "Exception": null,
+    "SyntaxNode": {
+      "Kind": "IntValue",
+      "Location": {
+        "Start": 77,
+        "End": 97,
+        "Line": 4,
+        "Column": 37
+      },
+      "Value": "9223372036854775807"
+    }
+  }
+]