From 1eae56ff1e59f5430c99ecfe2c3a04c35cc2a09b Mon Sep 17 00:00:00 2001
From: Oliver
Date: Tue, 12 Nov 2024 19:56:00 +1100
Subject: [PATCH] Catch invalid decimal conversion (#8470)
- Thanks to fuzzers reported by sentry.io
---
 src/backend/InvenTree/InvenTree/fields.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/backend/InvenTree/InvenTree/fields.py b/src/backend/InvenTree/InvenTree/fields.py
index 2029235c7c..2609780b5e 100644
--- a/src/backend/InvenTree/InvenTree/fields.py
+++ b/src/backend/InvenTree/InvenTree/fields.py
@@ -4,6 +4,7 @@ import sys
 from decimal import Decimal
 from django import forms
+from django.core.exceptions import ValidationError
 from django.db import models
 from django.utils.translation import gettext_lazy as _
@@ -152,7 +153,10 @@ class DatePickerFormField(forms.DateField):
 def round_decimal(value, places, normalize=False):
 """Round value to the specified number of places."""
 if type(value) in [Decimal, float]:
- value = round(value, places)
+ try:
+ value = round(value, places)
+ except Exception:
+ raise ValidationError(_('Invalid decimal value') + f' ({value})')
 if normalize:
 # Remove any trailing zeroes
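Review bot: The `except Exception:` added around `round(value, places)` in `round_decimal` catches far more than the malformed-input case this commit targets. A programming error such as a non-integer `places` would also be reported to the user as "Invalid decimal value" and would no longer reach error monitoring as a fault. For `Decimal` input the expected failure is `decimal.InvalidOperation`, so I would narrow and chain it: `except InvalidOperation as exc:` and `raise ValidationError(_('Invalid decimal value') + f' ({value})') from exc`, with `InvalidOperation` added to the existing `from decimal import Decimal` import. A float NaN or infinity does not raise in `round(value, places)`, so it still passes this guard. The function body continues outside the hunk, so it is not visible here whether the `normalize` branch handles such values.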