FIX: Negative limit values shouldn't cause error 500 (#10162)

app/controllers/tags_controller.rb

@@ -214,6 +214,10 @@ class TagsController < ::ApplicationController
       exclude_has_synonyms: params[:excludeHasSynonyms]
     }
 
+    if filter_params[:limit] && filter_params[:limit].to_i < 0
+      raise Discourse::InvalidParameters.new(:limit)
+    end
+
     if params[:categoryId]
       filter_params[:category] = Category.find_by_id(params[:categoryId])
     end

spec/requests/tags_controller_spec.rb

@@ -707,6 +707,13 @@ describe TagsController do
           ['common1', 'common2', 'group1tag', 'group1tag2']
         )
       end
+
+      it 'returns error 400 for negative limit' do
+        get "/tags/filter/search.json", params: { q: '', limit: -1 }
+
+        expect(response.status).to eq(400)
+        expect(response.parsed_body['errors'].first).to eq(I18n.t('invalid_params', message: 'limit'))
+      end
     end
   end