dan/pngjs
1
0
Fork 0
mirror of https://github.com/danbulant/pngjs synced 2026-06-20 15:01:33 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix: explicitly coerce all pixel-dimensioned inputs to integers (#66)

Browse source
This commit is contained in:
Martin Segado 2017-01-09 01:12:46 -05:00 committed by Luke Page
parent b495e60323
commit 3ad37374e3
1 changed files with 12 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
lib/png.js
View file

@ -12,8 +12,9 @@ var PNG = exports.PNG = function(options) {
options = options || {}; // eslint-disable-line no-param-reassign
this.width = options.width || 0;
this.height = options.height || 0;
// coerce pixel dimensions to integers (also coerces undefined -> 0):
this.width = options.width | 0;
this.height = options.height | 0;
this.data = this.width > 0 && this.height > 0 ?
new Buffer(4 * this.width * this.height) : null;
@ -116,6 +117,15 @@ PNG.prototype._handleClose = function() {
PNG.bitblt = function(src, dst, srcX, srcY, width, height, deltaX, deltaY) { // eslint-disable-line max-params
// coerce pixel dimensions to integers (also coerces undefined -> 0):
/* eslint-disable no-param-reassign */
srcX |= 0;
srcY |= 0;
width |= 0;
height |= 0;
deltaX |= 0;
deltaY |= 0;
/* eslint-enable no-param-reassign */
if (srcX > src.width || srcY > src.height || srcX + width > src.width || srcY + height > src.height) {
throw new Error('bitblt reading outside image');