Skip to content

Commit

Permalink
Updated addTemplateImg(): dimension check (#59)
Browse files Browse the repository at this point in the history
  • Loading branch information
thomas192 authored Apr 18, 2024
1 parent 3125497 commit fe28b4c
Showing 1 changed file with 15 additions and 2 deletions.
17 changes: 15 additions & 2 deletions backend/routes/templates.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,8 @@ package routes
import (
"encoding/json"
"fmt"
"image"
_ "image/png"
"io"
"io/ioutil"
"net/http"
Expand Down Expand Up @@ -42,8 +44,6 @@ func imageToPixelData(imageData []byte) []byte {
}

func addTemplateImg(w http.ResponseWriter, r *http.Request) {
// TODO: Limit file size / proportions between 5x5 and 64x64
// Passed like this curl -F "[email protected]" http://localhost:8080/addTemplateImg
file, _, err := r.FormFile("image")
if err != nil {
panic(err)
Expand All @@ -58,6 +58,19 @@ func addTemplateImg(w http.ResponseWriter, r *http.Request) {
}
defer tempFile.Close()

// Decode the image to check dimensions
img, format, err := image.Decode(file)
if err != nil {
http.Error(w, "Failed to decode the image: "+err.Error()+" - format: "+format, http.StatusBadRequest)
return
}
bounds := img.Bounds()
width, height := bounds.Max.X-bounds.Min.X, bounds.Max.Y-bounds.Min.Y
if width < 5 || width > 50 || height < 5 || height > 50 {
http.Error(w, fmt.Sprintf("Image dimensions out of allowed range (5x5 to 50x50). Uploaded image size: %dx%d", width, height), http.StatusBadRequest)
return
}

// Read all data from the uploaded file and write it to the temporary file
fileBytes, err := ioutil.ReadAll(file)
if err != nil {
Expand Down

0 comments on commit fe28b4c

Please sign in to comment.