github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-22 06:21:12 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

SECURITY: return error on oversized images

Browse Source
This commit is contained in:
Krzysztof Kotlarek
2020-09-14 10:10:55 +10:00
parent 0a4a273ccc
commit 333ddd4011
3 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
lib/upload_creator.rb
View File

@ -168,6 +168,8 @@ class UploadCreator
@upload.errors.add(:base, I18n.t("upload.empty"))
elsif pixels == 0
@upload.errors.add(:base, I18n.t("upload.images.size_not_found"))
elsif max_image_pixels > 0 && pixels >= max_image_pixels * 2
@upload.errors.add(:base, I18n.t("upload.images.larger_than_x_megapixels", max_image_megapixels: SiteSetting.max_image_megapixels * 2))
end
end