From 3ac7bf874c1983e6f268235114c75832eb1d807b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Florian=20M=C3=BCllner?= <fmuellner@gnome.org>
Date: Mon, 4 Nov 2013 11:14:44 +0100
Subject: [PATCH] screenshot: Extend ScreenshotArea parameter validation

We currently only ensure that width and height are positive, so it
is still possible to pass in values that don't make any sense at all
(which may even result in a crash when exceeding limits imposed by
X11).
There is nothing to screenshot outside the actual screen area, so
restrict the parameters to that.

https://bugzilla.gnome.org/show_bug.cgi?id=699752
---
 js/ui/screenshot.js | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/js/ui/screenshot.js b/js/ui/screenshot.js
index 92efd03b4..bbeddd0e3 100644
--- a/js/ui/screenshot.js
+++ b/js/ui/screenshot.js
@@ -77,7 +77,9 @@ const ScreenshotService = new Lang.Class({
 
     ScreenshotAreaAsync : function (params, invocation) {
         let [x, y, width, height, flash, filename, callback] = params;
-        if (height <= 0 || width <= 0) {
+        if (x < 0 || y < 0 ||
+            width <= 0 || height <= 0 ||
+            x + width > global.screen_width || y + height > global.screen_height) {
             invocation.return_error_literal(Gio.IOErrorEnum, Gio.IOErrorEnum.CANCELLED,
                         "Invalid params");
             return;