Validate money change input in update_money function: Added checks to ensure the money_change value is finite before executing the database update, preventing potential serialization errors with invalid values.

src/worker/base.rs

@@ -147,7 +147,22 @@ impl BaseWorker {
         "#;
 
         conn.prepare("update_money", QUERY_UPDATE_MONEY)?;
-        let _ = conn.execute("update_money", &[&falukant_user_id, &money_change, &action])?;
+        use postgres::types::ToSql;
+
+        // Validate float to avoid passing NaN/inf which the postgres client
+        // may fail to serialize with an unclear error message.
+        if !money_change.is_finite() {
+            return Err(DbError::new(format!(
+                "Ungültiger money_change: {} (not finite)",
+                money_change
+            )));
+        }
+
+        let p1: &(dyn ToSql + Sync) = &falukant_user_id;
+        let p2: &(dyn ToSql + Sync) = &money_change;
+        let p3: &(dyn ToSql + Sync) = &action;
+
+        let _ = conn.execute("update_money", &[p1, p2, p3])?;
 
         Ok(())
     }