SECURITY: return error on oversized images

SECURITY: return error on oversized images

diff --git a/lib/upload_creator.rb b/lib/upload_creator.rb
index 991c315..a5352c9 100644
--- a/lib/upload_creator.rb
+++ b/lib/upload_creator.rb
@@ -168,6 +168,8 @@ class UploadCreator
       @upload.errors.add(:base, I18n.t("upload.empty"))
     elsif pixels == 0
       @upload.errors.add(:base, I18n.t("upload.images.size_not_found"))
+    elsif max_image_pixels > 0 && pixels >= max_image_pixels * 2
+      @upload.errors.add(:base, I18n.t("upload.images.larger_than_x_megapixels", max_image_megapixels: SiteSetting.max_image_megapixels * 2))
     end
   end
 
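Review bot: The factor 2 is spelled out twice in the added lines — in the threshold `pixels >= max_image_pixels * 2` and again in the message argument `SiteSetting.max_image_megapixels * 2` — so the rejection bound and the limit reported to the user can drift apart the next time either line is tuned; a single class-level constant such as `OVERSIZE_FACTOR = 2` used in both places (`elsif max_image_pixels > 0 && pixels >= max_image_pixels * OVERSIZE_FACTOR`) keeps them in step. The condition uses `>=` while the message key reads `larger_than_x_megapixels`, so an image of exactly twice the limit is rejected but told it is larger than that limit; `>` would match the wording, or the message should describe an inclusive bound. Both `pixels` and `max_image_pixels` are computed before the hunk and the enclosing method begins outside it, so it is not visible here whether `max_image_pixels` is derived from the same `SiteSetting.max_image_megapixels` the message reports, nor whether `pixels` comes from the image header rather than a full decode — the check only bounds memory use if it runs before the image is decoded, which is worth confirming in the surrounding code.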
diff --git a/spec/fixtures/images/huge.jpg b/spec/fixtures/images/huge.jpg
index 25f2d5c..2fb791c 100644
Binary files a/spec/fixtures/images/huge.jpg and b/spec/fixtures/images/huge.jpg differ
diff --git a/spec/models/upload_spec.rb b/spec/models/upload_spec.rb
index 23d79fc..3415363 100644
--- a/spec/models/upload_spec.rb
+++ b/spec/models/upload_spec.rb
@@ -56,11 +56,11 @@ describe Upload do
 
     upload = Upload.find(upload.id)
 
-    expect(upload.width).to eq(64250)
-    expect(upload.height).to eq(64250)
+    expect(upload.width).to eq(8900)
+    expect(upload.height).to eq(8900)
 
     upload.reload
-    expect(upload.read_attribute(:width)).to eq(64250)
+    expect(upload.read_attribute(:width)).to eq(8900)
 
     upload.update_columns(width: nil, height: nil, thumbnail_width: nil, thumbnail_height: nil)
 

GitHub sha: 333ddd40


Should we test that the error has been added?


Fair point, I will add missing spec today
