Restrict input parameter ranges.

Stuart Longland 2008-01-11 14:34:55 +10:00
parent e5f344eddf
commit 217a1f1f7f


@ -248,12 +248,24 @@ void photo_handler( struct gallery_info* gallery,
int width = hdf_get_int_value( cgi->hdf, "Query.width", 720 );
int height = hdf_get_int_value( cgi->hdf, "Query.height", 0 );
int quality = hdf_get_int_value( cgi->hdf, "Query.quality", 60 );
/* MAX SIZE: Allow images no bigger than a 2048 pixel square */
if ( width > 2048 ) width = 2048;
if ( height > 2048 ) height = 2048;
/* Prevent nonsense values */
if ( width < 0 ) width = 0;
if ( height < 0 ) height = 0;
if ( quality < 0 ) quality = 0;
if ( quality > 100 ) quality = 100;
/* Since ClearSilver doesn't provide a 'get float', we have to get
* string then call atof on it.
*/
char* rotation_str = hdf_get_value( cgi->hdf, "Query.rotation", "0" );
double rotation = atof( rotation_str );
if ( ( rotation < -360.0 ) || ( rotation > 360.0 ) )
rotation = rotation % 360.0
dprintf("photo_handler: asked for %dx%d image "
"at %fdeg rotation and %d quality\n",
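Review bot: The added line `rotation = rotation % 360.0` cannot compile as shown, because `%` is not defined for `double` operands in C and the statement has no terminating semicolon; it should read `rotation = fmod( rotation, 360.0 );`, with `<math.h>` included (the include list is outside this hunk). The range test above it also lets non-finite values through: `atof` can return NaN, for which both comparisons are false, and an infinite value would turn into NaN under `fmod`, so `if ( !isfinite( rotation ) ) rotation = 0.0;` belongs before the test. `atof` cannot report a malformed `Query.rotation` at all, so `strtod` with an end-pointer check would be the more robust parse of this request-supplied value. The width and height clamps still allow 0; that looks like the existing default for height, but whether a zero width is handled later cannot be seen here, since photo_handler begins and ends outside the hunk.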