From 762d72b0184c44e739d8d544d30aa1396a7eb8e3 Mon Sep 17 00:00:00 2001
From: NguyenThuyLan <116753400+NguyenThuyLan@users.noreply.github.com>
Date: Wed, 25 Sep 2024 18:19:09 +0700
Subject: [PATCH 1/3] update ImageSharpMiddlewareOption for fixing invalid
 width and height (#17126)

Co-authored-by: Lan Nguyen Thuy <lnt@umbraco.dk>
(cherry picked from commit 9b19d63a6a4ea44bd4b56bbb0874284a1bc5ba52)
---
 .../ConfigureImageSharpMiddlewareOptions.cs   | 23 ++++++++++++++-----
 1 file changed, 17 insertions(+), 6 deletions(-)

diff --git a/src/Umbraco.Cms.Imaging.ImageSharp/ConfigureImageSharpMiddlewareOptions.cs b/src/Umbraco.Cms.Imaging.ImageSharp/ConfigureImageSharpMiddlewareOptions.cs
index 9a1ecead89b2..1ef672270ef8 100644
--- a/src/Umbraco.Cms.Imaging.ImageSharp/ConfigureImageSharpMiddlewareOptions.cs
+++ b/src/Umbraco.Cms.Imaging.ImageSharp/ConfigureImageSharpMiddlewareOptions.cs
@@ -1,3 +1,4 @@
+using System.Globalization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Http.Headers;
 using Microsoft.Extensions.Options;
@@ -48,16 +49,26 @@ public void Configure(ImageSharpMiddlewareOptions options)
                 return Task.CompletedTask;
             }
 
-            int width = context.Parser.ParseValue<int>(context.Commands.GetValueOrDefault(ResizeWebProcessor.Width), context.Culture);
-            if (width <= 0 || width > _imagingSettings.Resize.MaxWidth)
+            if (context.Commands.Contains(ResizeWebProcessor.Width))
             {
-                context.Commands.Remove(ResizeWebProcessor.Width);
+                if (!int.TryParse(context.Commands.GetValueOrDefault(ResizeWebProcessor.Width), NumberStyles.Integer,
+                    CultureInfo.InvariantCulture, out var width)
+                || width < 0
+                || width >= _imagingSettings.Resize.MaxWidth)
+                {
+                    context.Commands.Remove(ResizeWebProcessor.Width);
+                }
             }
 
-            int height = context.Parser.ParseValue<int>(context.Commands.GetValueOrDefault(ResizeWebProcessor.Height), context.Culture);
-            if (height <= 0 || height > _imagingSettings.Resize.MaxHeight)
+            if (context.Commands.Contains(ResizeWebProcessor.Height))
             {
-                context.Commands.Remove(ResizeWebProcessor.Height);
+                if (!int.TryParse(context.Commands.GetValueOrDefault(ResizeWebProcessor.Height), NumberStyles.Integer,
+                    CultureInfo.InvariantCulture, out var height)
+                || height < 0
+                || height >= _imagingSettings.Resize.MaxHeight)
+                {
+                    context.Commands.Remove(ResizeWebProcessor.Height);
+                }
             }
 
             return Task.CompletedTask;

From 46604909be4a3ab9f5e9a1ed32542fbe45e074ee Mon Sep 17 00:00:00 2001
From: NguyenThuyLan <116753400+nguyenthuylan@users.noreply.github.com>
Date: Fri, 27 Sep 2024 07:41:55 +0200
Subject: [PATCH 2/3] Fix error format code (#17146)

* update ImageSharpMiddlewareOption for fixing invalid width and height (#17126)

Co-authored-by: Lan Nguyen Thuy <lnt@umbraco.dk>

* Fix issue format parameters

---------

Co-authored-by: Lan Nguyen Thuy <lnt@umbraco.dk>

(cherry picked from commit 9a12eea495c4122b941bd21c5afd7726cf87d920)
---
 .../ConfigureImageSharpMiddlewareOptions.cs        | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/src/Umbraco.Cms.Imaging.ImageSharp/ConfigureImageSharpMiddlewareOptions.cs b/src/Umbraco.Cms.Imaging.ImageSharp/ConfigureImageSharpMiddlewareOptions.cs
index 1ef672270ef8..79fcd0a9bf05 100644
--- a/src/Umbraco.Cms.Imaging.ImageSharp/ConfigureImageSharpMiddlewareOptions.cs
+++ b/src/Umbraco.Cms.Imaging.ImageSharp/ConfigureImageSharpMiddlewareOptions.cs
@@ -51,8 +51,11 @@ public void Configure(ImageSharpMiddlewareOptions options)
 
             if (context.Commands.Contains(ResizeWebProcessor.Width))
             {
-                if (!int.TryParse(context.Commands.GetValueOrDefault(ResizeWebProcessor.Width), NumberStyles.Integer,
-                    CultureInfo.InvariantCulture, out var width)
+                if (!int.TryParse(
+                    context.Commands.GetValueOrDefault(ResizeWebProcessor.Width),
+                    NumberStyles.Integer,
+                    CultureInfo.InvariantCulture,
+                    out var width)
                 || width < 0
                 || width >= _imagingSettings.Resize.MaxWidth)
                 {
@@ -62,8 +65,11 @@ public void Configure(ImageSharpMiddlewareOptions options)
 
             if (context.Commands.Contains(ResizeWebProcessor.Height))
             {
-                if (!int.TryParse(context.Commands.GetValueOrDefault(ResizeWebProcessor.Height), NumberStyles.Integer,
-                    CultureInfo.InvariantCulture, out var height)
+                if (!int.TryParse(
+                    context.Commands.GetValueOrDefault(ResizeWebProcessor.Height),
+                    NumberStyles.Integer,
+                    CultureInfo.InvariantCulture,
+                    out var height)
                 || height < 0
                 || height >= _imagingSettings.Resize.MaxHeight)
                 {

From d57d12d54d95d1a4df22553692798973f90f29d7 Mon Sep 17 00:00:00 2001
From: Bjarke Berg <mail@bergmania.dk>
Date: Fri, 27 Sep 2024 07:43:12 +0200
Subject: [PATCH 3/3] Fixed imagesharp 2 also

---
 .../ConfigureImageSharpMiddlewareOptions.cs   | 33 +++++++++++++------
 1 file changed, 23 insertions(+), 10 deletions(-)

diff --git a/src/Umbraco.Cms.Imaging.ImageSharp2/ConfigureImageSharpMiddlewareOptions.cs b/src/Umbraco.Cms.Imaging.ImageSharp2/ConfigureImageSharpMiddlewareOptions.cs
index 8daa1b689b01..dcc67bf5d32e 100644
--- a/src/Umbraco.Cms.Imaging.ImageSharp2/ConfigureImageSharpMiddlewareOptions.cs
+++ b/src/Umbraco.Cms.Imaging.ImageSharp2/ConfigureImageSharpMiddlewareOptions.cs
@@ -1,3 +1,4 @@
+using System.Globalization;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Http.Headers;
 using Microsoft.Extensions.Options;
@@ -47,20 +48,32 @@ public void Configure(ImageSharpMiddlewareOptions options)
                 return Task.CompletedTask;
             }
 
-            var width = context.Parser.ParseValue<int>(
-                context.Commands.GetValueOrDefault(ResizeWebProcessor.Width),
-                context.Culture);
-            if (width <= 0 || width > _imagingSettings.Resize.MaxWidth)
+            if (context.Commands.Contains(ResizeWebProcessor.Width))
             {
-                context.Commands.Remove(ResizeWebProcessor.Width);
+                if (!int.TryParse(
+                        context.Commands.GetValueOrDefault(ResizeWebProcessor.Width),
+                        NumberStyles.Integer,
+                        CultureInfo.InvariantCulture,
+                        out var width)
+                    || width < 0
+                    || width >= _imagingSettings.Resize.MaxWidth)
+                {
+                    context.Commands.Remove(ResizeWebProcessor.Width);
+                }
             }
 
-            var height = context.Parser.ParseValue<int>(
-                context.Commands.GetValueOrDefault(ResizeWebProcessor.Height),
-                context.Culture);
-            if (height <= 0 || height > _imagingSettings.Resize.MaxHeight)
+            if (context.Commands.Contains(ResizeWebProcessor.Height))
             {
-                context.Commands.Remove(ResizeWebProcessor.Height);
+                if (!int.TryParse(
+                        context.Commands.GetValueOrDefault(ResizeWebProcessor.Height),
+                        NumberStyles.Integer,
+                        CultureInfo.InvariantCulture,
+                        out var height)
+                    || height < 0
+                    || height >= _imagingSettings.Resize.MaxHeight)
+                {
+                    context.Commands.Remove(ResizeWebProcessor.Height);
+                }
             }
 
             return Task.CompletedTask;