From f9f500490974e4bf5c4824fa596ae133995bb7ef Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Florian=20M=C3=BCllner?= <fmuellner@gnome.org>
Date: Mon, 4 Nov 2013 11:14:44 +0100
Subject: [PATCH] screenshot: Extend ScreenshotArea parameter validation

We currently only ensure that width and height are positive, so it
is still possible to pass in values that don't make any sense at all
(which may even result in a crash when exceeding limits imposed by
X11).
There is nothing to screenshot outside the actual screen area, so
restrict the parameters to that.

https://bugzilla.gnome.org/show_bug.cgi?id=699752
---
 js/ui/screenshot.js | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/js/ui/screenshot.js b/js/ui/screenshot.js
index 10435c5b8..73ca773a9 100644
--- a/js/ui/screenshot.js
+++ b/js/ui/screenshot.js
@@ -79,7 +79,9 @@ const ScreenshotService = new Lang.Class({
 
     ScreenshotAreaAsync : function (params, invocation) {
         let [x, y, width, height, flash, filename, callback] = params;
-        if (height <= 0 || width <= 0) {
+        if (x < 0 || y < 0 ||
+            width <= 0 || height <= 0 ||
+            x + width > global.screen_width || y + height > global.screen_height) {
             invocation.return_error_literal(Gio.IOErrorEnum, Gio.IOErrorEnum.CANCELLED,
                         "Invalid params");
             return;