From 3430f0cb832a489ce8dee1e9294ca7a724f367af Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Florian=20M=C3=BCllner?=
Date: Mon, 4 Nov 2013 11:14:44 +0100
Subject: [PATCH 1/3] screenshot: Extend ScreenshotArea parameter validation
We currently only ensure that width and height are positive, so it is still possible to pass in values that don't make any sense at all (which may even result in a crash when exceeding limits imposed by X11). There is nothing to screenshot outside the actual screen area, so restrict the parameters to that. https://bugzilla.gnome.org/show_bug.cgi?id=699752
---
 js/ui/screenshot.js | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/js/ui/screenshot.js b/js/ui/screenshot.js
index 2219a89..3c5c831 100644
--- a/js/ui/screenshot.js
+++ b/js/ui/screenshot.js
@@ -76,7 +76,9 @@ const ScreenshotService = new Lang.Class({
 ScreenshotAreaAsync : function (params, invocation) {
 let [x, y, width, height, flash, filename, callback] = params;
- if (height <= 0 || width <= 0) {
+ if (x < 0 || y < 0 ||
+ width <= 0 || height <= 0 ||
+ x + width > global.screen_width || y + height > global.screen_height) {
 invocation.return_error_literal(Gio.IOErrorEnum,
 Gio.IOErrorEnum.CANCELLED,
 "Invalid params");
 return;
-- 
1.8.4.2
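Review bot: The rejection path under the widened condition still reports `Gio.IOErrorEnum.CANCELLED`, so a D-Bus caller cannot tell an out-of-range rectangle from a cancelled operation; `Gio.IOErrorEnum.INVALID_ARGUMENT` describes the failure more accurately. The bounds test relies on x, y, width and height arriving as integers, which is presumably guaranteed by the method's D-Bus signature (not visible in this hunk). A one-line comment above the condition would record that intent, for example `// Reject empty areas and areas extending beyond the screen; params come from the D-Bus caller`. If other methods of ScreenshotService accept an area, they would need the same condition, which argues for a shared helper rather than a repeated expression. The body of ScreenshotAreaAsync continues past the end of the hunk.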