Mathis/sharp
1
0
Fork 0
mirror of https://github.com/lovell/sharp.git synced 2025-07-09 10:30:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Tighten constructor text property validation #4071

Browse Source
This commit is contained in:
Lovell Fuller 2024-04-19 12:48:47 +01:00
parent 3e8a0fc522
commit a1309aa3b8
3 changed files with 63 additions and 44 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
docs/changelog.md
View File

@ -21,6 +21,9 @@ Requires libvips v8.15.2
* Ensure `extend` operation stays sequential for multi-page TIFF (regression in 0.32.0). * Ensure `extend` operation stays sequential for multi-page TIFF (regression in 0.32.0).
[#4069](https://github.com/lovell/sharp/issues/4069) [#4069](https://github.com/lovell/sharp/issues/4069)
* Tighten validation of constructor `text` integer properties.
[#4071](https://github.com/lovell/sharp/issues/4071)
### v0.33.3 - 23rd March 2024 ### v0.33.3 - 23rd March 2024
* Upgrade to libvips v8.15.2 for upstream bug fixes. * Upgrade to libvips v8.15.2 for upstream bug fixes.

16
lib/input.js
View File

@ -296,17 +296,17 @@ function _createInputDescriptor (input, inputOptions, containerOptions) {
} }
} }
if (is.defined(inputOptions.text.width)) { if (is.defined(inputOptions.text.width)) {
if (is.number(inputOptions.text.width)) { if (is.integer(inputOptions.text.width) && inputOptions.text.width > 0) {
inputDescriptor.textWidth = inputOptions.text.width; inputDescriptor.textWidth = inputOptions.text.width;
} else { } else {
throw is.invalidParameterError('text.textWidth', 'number', inputOptions.text.width); throw is.invalidParameterError('text.width', 'positive integer', inputOptions.text.width);
} }
} }
if (is.defined(inputOptions.text.height)) { if (is.defined(inputOptions.text.height)) {
if (is.number(inputOptions.text.height)) { if (is.integer(inputOptions.text.height) && inputOptions.text.height > 0) {
inputDescriptor.textHeight = inputOptions.text.height; inputDescriptor.textHeight = inputOptions.text.height;
} else { } else {
throw is.invalidParameterError('text.height', 'number', inputOptions.text.height); throw is.invalidParameterError('text.height', 'positive integer', inputOptions.text.height);
} }
} }
if (is.defined(inputOptions.text.align)) { if (is.defined(inputOptions.text.align)) {
@ -324,10 +324,10 @@ function _createInputDescriptor (input, inputOptions, containerOptions) {
} }
} }
if (is.defined(inputOptions.text.dpi)) { if (is.defined(inputOptions.text.dpi)) {
if (is.number(inputOptions.text.dpi) && is.inRange(inputOptions.text.dpi, 1, 100000)) { if (is.integer(inputOptions.text.dpi) && is.inRange(inputOptions.text.dpi, 1, 1000000)) {
inputDescriptor.textDpi = inputOptions.text.dpi; inputDescriptor.textDpi = inputOptions.text.dpi;
} else { } else {
throw is.invalidParameterError('text.dpi', 'number between 1 and 100000', inputOptions.text.dpi); throw is.invalidParameterError('text.dpi', 'integer between 1 and 1000000', inputOptions.text.dpi);
} }
} }
if (is.defined(inputOptions.text.rgba)) { if (is.defined(inputOptions.text.rgba)) {
@ -338,10 +338,10 @@ function _createInputDescriptor (input, inputOptions, containerOptions) {
} }
} }
if (is.defined(inputOptions.text.spacing)) { if (is.defined(inputOptions.text.spacing)) {
if (is.number(inputOptions.text.spacing)) { if (is.integer(inputOptions.text.spacing) && is.inRange(inputOptions.text.spacing, -1000000, 1000000)) {
inputDescriptor.textSpacing = inputOptions.text.spacing; inputDescriptor.textSpacing = inputOptions.text.spacing;
} else { } else {
throw is.invalidParameterError('text.spacing', 'number', inputOptions.text.spacing); throw is.invalidParameterError('text.spacing', 'integer between -1000000 and 1000000', inputOptions.text.spacing);
} }
} }
if (is.defined(inputOptions.text.wrap)) { if (is.defined(inputOptions.text.wrap)) {

88
test/unit/text.js
View File

@ -228,26 +228,34 @@ describe('Text to image', function () {
}); });
}); });
it('bad width input', function () { it('invalid width', () => {
assert.throws(function () { assert.throws(
sharp({ () => sharp({ text: { text: 'text', width: 'bad' } }),
text: { /Expected positive integer for text\.width but received bad of type string/
text: 'text', );
width: 'bad' assert.throws(
} () => sharp({ text: { text: 'text', width: 0.1 } }),
}); /Expected positive integer for text\.width but received 0.1 of type number/
}); );
assert.throws(
() => sharp({ text: { text: 'text', width: -1 } }),
/Expected positive integer for text\.width but received -1 of type number/
);
}); });
it('bad height input', function () { it('invalid height', () => {
assert.throws(function () { assert.throws(
sharp({ () => sharp({ text: { text: 'text', height: 'bad' } }),
text: { /Expected positive integer for text\.height but received bad of type string/
text: 'text', );
height: 'bad' assert.throws(
} () => sharp({ text: { text: 'text', height: 0.1 } }),
}); /Expected positive integer for text\.height but received 0.1 of type number/
}); );
assert.throws(
() => sharp({ text: { text: 'text', height: -1 } }),
/Expected positive integer for text\.height but received -1 of type number/
);
}); });
it('bad align input', function () { it('bad align input', function () {
@ -272,15 +280,19 @@ describe('Text to image', function () {
}); });
}); });
it('bad dpi input', function () { it('invalid dpi', () => {
assert.throws(function () { assert.throws(
sharp({ () => sharp({ text: { text: 'text', dpi: 'bad' } }),
text: { /Expected integer between 1 and 1000000 for text\.dpi but received bad of type string/
text: 'text', );
dpi: -10 assert.throws(
} () => sharp({ text: { text: 'text', dpi: 0.1 } }),
}); /Expected integer between 1 and 1000000 for text\.dpi but received 0.1 of type number/
}); );
assert.throws(
() => sharp({ text: { text: 'text', dpi: -1 } }),
/Expected integer between 1 and 1000000 for text\.dpi but received -1 of type number/
);
}); });
it('bad rgba input', function () { it('bad rgba input', function () {
@ -294,15 +306,19 @@ describe('Text to image', function () {
}); });
}); });
it('bad spacing input', function () { it('invalid spacing', () => {
assert.throws(function () { assert.throws(
sharp({ () => sharp({ text: { text: 'text', spacing: 'bad' } }),
text: { /Expected integer between -1000000 and 1000000 for text\.spacing but received bad of type string/
text: 'text', );
spacing: 'number expected' assert.throws(
} () => sharp({ text: { text: 'text', spacing: 0.1 } }),
}); /Expected integer between -1000000 and 1000000 for text\.spacing but received 0.1 of type number/
}); );
assert.throws(
() => sharp({ text: { text: 'text', spacing: -1000001 } }),
/Expected integer between -1000000 and 1000000 for text\.spacing but received -1000001 of type number/
);
}); });
it('only height or dpi not both', function () { it('only height or dpi not both', function () {