Merge pull request #7406 from LibreSign/backport/7405/stable32

vitormattos · web-flow · commit 7da4841228e0 · 2026-04-04T17:02:27.000-03:00
[stable32] fix: prevent Imagick crash caused by invalid signature box dimensions
diff --git a/lib/Controller/AdminController.php b/lib/Controller/AdminController.php
@@ -451,8 +451,8 @@ public function signatureBackgroundDelete(): DataResponse {
 	 * @param string $template Template to signature text
 	 * @param float $templateFontSize Font size used when print the parsed text of this template at PDF file
 	 * @param float $signatureFontSize Font size used when the signature mode is SIGNAME_AND_DESCRIPTION
-	 * @param float $signatureWidth Signature width
-	 * @param float $signatureHeight Signature height
+	 * @param float $signatureWidth Signature box width, minimum 1
+	 * @param float $signatureHeight Signature box height, minimum 1
 	 * @param string $renderMode Signature render mode
 	 * @return DataResponse<Http::STATUS_OK, LibresignSignatureTextSettingsResponse, array{}>|DataResponse<Http::STATUS_BAD_REQUEST, LibresignErrorResponse, array{}>
 	 *
diff --git a/lib/Migration/Version17003Date20260404000000.php b/lib/Migration/Version17003Date20260404000000.php
@@ -0,0 +1,59 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * SPDX-FileCopyrightText: 2026 LibreCode coop and contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+namespace OCA\Libresign\Migration;
+
+use Closure;
+use OCA\Libresign\AppInfo\Application;
+use OCA\Libresign\Service\SignatureTextService;
+use OCP\DB\ISchemaWrapper;
+use OCP\IAppConfig;
+use OCP\Migration\IOutput;
+use OCP\Migration\SimpleMigrationStep;
+
+class Version17003Date20260404000000 extends SimpleMigrationStep {
+	public function __construct(
+		private IAppConfig $appConfig,
+	) {
+	}
+
+	/**
+	 * @param IOutput $output
+	 * @param Closure(): ISchemaWrapper $schemaClosure
+	 * @param array $options
+	 */
+	#[\Override]
+	public function postSchemaChange(IOutput $output, Closure $schemaClosure, array $options): void {
+		$this->sanitizeDimension(
+			$output,
+			'signature_width',
+			SignatureTextService::DEFAULT_SIGNATURE_WIDTH,
+		);
+		$this->sanitizeDimension(
+			$output,
+			'signature_height',
+			SignatureTextService::DEFAULT_SIGNATURE_HEIGHT,
+		);
+	}
+
+	private function sanitizeDimension(IOutput $output, string $key, float $default): void {
+		$stored = $this->appConfig->getValueFloat(Application::APP_ID, $key, $default);
+		if (is_finite($stored) && $stored >= SignatureTextService::SIGNATURE_DIMENSION_MINIMUM) {
+			return;
+		}
+
+		$this->appConfig->setValueFloat(Application::APP_ID, $key, $default);
+		$output->warning(sprintf(
+			'Restored invalid "%s" value "%s" to default "%s".',
+			$key,
+			(string)$stored,
+			(string)$default,
+		));
+	}
+}
diff --git a/lib/Service/SignatureTextService.php b/lib/Service/SignatureTextService.php
@@ -29,6 +29,7 @@
 class SignatureTextService {
 	public const TEMPLATE_DEFAULT_FONT_SIZE = 10;
 	public const SIGNATURE_DEFAULT_FONT_SIZE = 20;
+	public const SIGNATURE_DIMENSION_MINIMUM = 1;
 	public const FONT_SIZE_MINIMUM = 0.1;
 	public const FRONT_SIZE_MAX = 30;
 	public const DEFAULT_SIGNATURE_WIDTH = 350;
@@ -69,6 +70,19 @@ public function save(
 			// within the accepted range.
 			throw new LibresignException($this->l10n->t('Invalid signature font size. The value must be between %.1f and %.0f.', [self::FONT_SIZE_MINIMUM, self::FRONT_SIZE_MAX]));
 		}
+		if (
+			!is_finite($signatureWidth)
+			|| !is_finite($signatureHeight)
+			|| $signatureWidth < self::SIGNATURE_DIMENSION_MINIMUM
+			|| $signatureHeight < self::SIGNATURE_DIMENSION_MINIMUM
+		) {
+			// TRANSLATORS This message is shown when the visible signature box size
+			// configured by the admin is invalid. "Signature box" is the rectangular
+			// area reserved for the handwritten-style signature image in the signed
+			// PDF. "Width" and "height" are its pixel dimensions. %.0f is the
+			// minimum allowed value for each dimension.
+			throw new LibresignException($this->l10n->t('Invalid signature box size. Width and height must be at least %.0f.', [self::SIGNATURE_DIMENSION_MINIMUM]));
+		}
 		$template = trim($template);
 		$template = preg_replace(
 			[
@@ -432,11 +446,11 @@ public function getDefaultTemplate(): string {
 	}
 
 	public function getFullSignatureWidth(): float {
-		return $this->appConfig->getValueFloat(Application::APP_ID, 'signature_width', self::DEFAULT_SIGNATURE_WIDTH);
+		return $this->getSanitizedDimension('signature_width', self::DEFAULT_SIGNATURE_WIDTH);
 	}
 
 	public function getFullSignatureHeight(): float {
-		return $this->appConfig->getValueFloat(Application::APP_ID, 'signature_height', self::DEFAULT_SIGNATURE_HEIGHT);
+		return $this->getSanitizedDimension('signature_height', self::DEFAULT_SIGNATURE_HEIGHT);
 	}
 
 	public function getSignatureWidth(): float {
@@ -448,7 +462,21 @@ public function getSignatureWidth(): float {
 	}
 
 	public function getSignatureHeight(): float {
-		return $this->appConfig->getValueFloat(Application::APP_ID, 'signature_height', self::DEFAULT_SIGNATURE_HEIGHT);
+		return $this->getFullSignatureHeight();
+	}
+
+	private function getSanitizedDimension(string $key, float $default): float {
+		$value = $this->appConfig->getValueFloat(Application::APP_ID, $key, $default);
+		if (!is_finite($value) || $value < self::SIGNATURE_DIMENSION_MINIMUM) {
+			$this->appConfig->setValueFloat(Application::APP_ID, $key, $default);
+			$this->logger->warning('Invalid signature dimension found in app config. Falling back to default.', [
+				'key' => $key,
+				'value' => $value,
+				'default' => $default,
+			]);
+			return $default;
+		}
+		return $value;
 	}
 
 	public function getTemplateFontSize(): float {
diff --git a/openapi-administration.json b/openapi-administration.json
@@ -1820,13 +1820,13 @@
                                         "type": "number",
                                         "format": "double",
                                         "default": 350,
-                                        "description": "Signature width"
+                                        "description": "Signature box width, minimum 1"
                                     },
                                     "signatureHeight": {
                                         "type": "number",
                                         "format": "double",
                                         "default": 100,
-                                        "description": "Signature height"
+                                        "description": "Signature box height, minimum 1"
                                     },
                                     "renderMode": {
                                         "type": "string",
diff --git a/openapi-full.json b/openapi-full.json
@@ -11080,13 +11080,13 @@
                                         "type": "number",
                                         "format": "double",
                                         "default": 350,
-                                        "description": "Signature width"
+                                        "description": "Signature box width, minimum 1"
                                     },
                                     "signatureHeight": {
                                         "type": "number",
                                         "format": "double",
                                         "default": 100,
-                                        "description": "Signature height"
+                                        "description": "Signature box height, minimum 1"
                                     },
                                     "renderMode": {
                                         "type": "string",
diff --git a/src/tests/views/Settings/SignatureStamp.spec.ts b/src/tests/views/Settings/SignatureStamp.spec.ts
@@ -316,4 +316,41 @@ describe('SignatureStamp.vue', () => {
 		expect(wrapper.vm.signatureWidth).toBe(180)
 		expect(wrapper.vm.signatureHeight).toBe(90)
 	})
+
+	it('regression: signature dimension fields bind min="1" matching the backend SIGNATURE_DIMENSION_MINIMUM', () => {
+		const wrapper = createWrapper()
+
+		const textFields = wrapper.findAllComponents({ name: 'NcTextField' })
+		const widthField = textFields.find(c => c.props('label') === 'Default signature width')
+		const heightField = textFields.find(c => c.props('label') === 'Default signature height')
+
+		expect(widthField).toBeDefined()
+		expect(heightField).toBeDefined()
+		expect(widthField!.attributes('min')).toBe('1')
+		expect(heightField!.attributes('min')).toBe('1')
+	})
+
+	it('regression: shows API error when saveTemplate receives a 400 for invalid signature box size', async () => {
+		axiosPostMock.mockRejectedValue({
+			response: {
+				data: {
+					ocs: {
+						data: {
+							error: 'Invalid signature box size. Width and height must be at least 1.',
+						},
+					},
+				},
+			},
+		})
+		const wrapper = createWrapper()
+
+		await wrapper.vm.saveTemplate()
+		await flushPromises()
+
+		expect(wrapper.vm.errorMessageTemplate).toContain(
+			'Invalid signature box size. Width and height must be at least 1.',
+		)
+		expect(wrapper.vm.parsed).toBe('')
+		expect(wrapper.vm.templateSaved).toBe(false)
+	})
 })
diff --git a/src/types/openapi/openapi-administration.ts b/src/types/openapi/openapi-administration.ts
@@ -1195,13 +1195,13 @@ export interface operations {
                     signatureFontSize?: number;
                     /**
                      * Format: double
-                     * @description Signature width
+                     * @description Signature box width, minimum 1
                      * @default 350
                      */
                     signatureWidth?: number;
                     /**
                      * Format: double
-                     * @description Signature height
+                     * @description Signature box height, minimum 1
                      * @default 100
                      */
                     signatureHeight?: number;
diff --git a/src/types/openapi/openapi-full.ts b/src/types/openapi/openapi-full.ts
@@ -5946,13 +5946,13 @@ export interface operations {
                     signatureFontSize?: number;
                     /**
                      * Format: double
-                     * @description Signature width
+                     * @description Signature box width, minimum 1
                      * @default 350
                      */
                     signatureWidth?: number;
                     /**
                      * Format: double
-                     * @description Signature height
+                     * @description Signature box height, minimum 1
                      * @default 100
                      */
                     signatureHeight?: number;
diff --git a/src/views/Settings/SignatureStamp.vue b/src/views/Settings/SignatureStamp.vue
@@ -136,7 +136,7 @@
 					:label="t('libresign', 'Default signature width')"
 					:placeholder="t('libresign', 'Default signature width')"
 					type="number"
-					:min="0.1"
+					:min="1"
 					:max="800"
 					:step="0.01"
 					:spellcheck="false"
@@ -157,7 +157,7 @@
 					:label="t('libresign', 'Default signature height')"
 					:placeholder="t('libresign', 'Default signature height')"
 					type="number"
-					:min="0.1"
+					:min="1"
 					:max="800"
 					:step="0.01"
 					:spellcheck="false"
diff --git a/tests/php/Unit/Handler/SignEngine/JSignPdfHandlerTest.php b/tests/php/Unit/Handler/SignEngine/JSignPdfHandlerTest.php
@@ -289,6 +289,7 @@ public function testSignAffectedParams(
 		$paramsAsOptions = preg_replace('/\\/\S+_text_image.png/', 'text_image.png', (string)$paramsAsOptions);
 		$paramsAsOptions = preg_replace('/\\/\S+_background.png/', 'background.png', (string)$paramsAsOptions);
 		$paramsAsOptions = preg_replace('/\\/\S+app-dark.png/', 'signature.png', (string)$paramsAsOptions);
+		$paramsAsOptions = preg_replace('/ --tsa-server-url\s+\S+/', '', (string)$paramsAsOptions);
 		$this->assertEquals($params, $paramsAsOptions);
 	}
 
@@ -507,6 +508,24 @@ public static function providerSignAffectedParams(): array {
 				'hashAlgorithm' => '',
 				'params' => '-a -kst PKCS12 --hash-algorithm SHA256 --l2-text "" -V -pg 2 -llx 10 -lly 20 -urx 30 -ury 40 --bg-path merged.png'
 			],
+			'regression: invalid stored dimensions should fallback to defaults and keep signing flow' => [
+				'visibleElements' => [self::getElement([
+					'page' => 2,
+					'llx' => 10,
+					'lly' => 20,
+					'urx' => 30,
+					'ury' => 40,
+				], realpath(__DIR__ . '/../../../../../img/app-dark.png'))],
+				'signatureWidth' => 0,
+				'signatureHeight' => 0,
+				'template' => '',
+				'signatureBackgroundType' => 'default',
+				'renderMode' => SignerElementsService::RENDER_MODE_GRAPHIC_AND_DESCRIPTION,
+				'templateFontSize' => 10,
+				'pdfContent' => '%PDF-1.6',
+				'hashAlgorithm' => '',
+				'params' => '-a -kst PKCS12 --hash-algorithm SHA256 --l2-text "" -V -pg 2 -llx 10 -lly 20 -urx 30 -ury 40 --bg-path merged.png'
+			],
 		];
 	}
 
diff --git a/tests/php/Unit/Service/SignatureTextServiceTest.php b/tests/php/Unit/Service/SignatureTextServiceTest.php
@@ -11,6 +11,7 @@
 
 use Imagick;
 use OCA\Libresign\AppInfo\Application;
+use OCA\Libresign\Exception\LibresignException;
 use OCA\Libresign\Service\SignatureTextService;
 use OCP\IAppConfig;
 use OCP\IDateTimeZone;
@@ -218,4 +219,45 @@ public static function providerSignerNameImage(): array {
 	public function testHasFont(): void {
 		$this->assertFileExists($fallbackFond = __DIR__ . '/../../../../3rdparty/composer/mpdf/mpdf/ttfonts/DejaVuSerifCondensed.ttf');
 	}
+
+	#[DataProvider('providerInvalidSignatureDimensions')]
+	public function testSaveShouldRejectInvalidSignatureDimensions(float $signatureWidth, float $signatureHeight): void {
+		$this->expectException(LibresignException::class);
+
+		$this->getClass()->save(
+			template: 'valid',
+			signatureWidth: $signatureWidth,
+			signatureHeight: $signatureHeight,
+		);
+	}
+
+	public static function providerInvalidSignatureDimensions(): array {
+		return [
+			'zero width' => [0.0, 100.0],
+			'fractional width below minimum' => [0.9999, 100.0],
+			'subnormal width' => [1.0E-320, 100.0],
+			'scientific width below minimum' => [1.0E-6, 100.0],
+			'negative width' => [-1.0, 100.0],
+			'very small negative width' => [-0.0001, 100.0],
+			'zero height' => [350.0, 0.0],
+			'fractional height below minimum' => [350.0, 0.9999],
+			'subnormal height' => [350.0, 1.0E-320],
+			'scientific height below minimum' => [350.0, 1.0E-6],
+			'negative height' => [350.0, -1.0],
+			'very small negative height' => [350.0, -0.0001],
+			'both dimensions zero' => [0.0, 0.0],
+			'both dimensions negative' => [-1.0, -1.0],
+			'both dimensions fractional below minimum' => [0.5, 0.5],
+		];
+	}
+
+	public function testGetFullSignatureDimensionsShouldFallbackToDefaultsWhenConfigIsInvalid(): void {
+		$this->appConfig->setValueFloat(Application::APP_ID, 'signature_width', 0.0);
+		$this->appConfig->setValueFloat(Application::APP_ID, 'signature_height', -1.0);
+
+		$class = $this->getClass();
+
+		$this->assertEquals(SignatureTextService::DEFAULT_SIGNATURE_WIDTH, $class->getFullSignatureWidth());
+		$this->assertEquals(SignatureTextService::DEFAULT_SIGNATURE_HEIGHT, $class->getFullSignatureHeight());
+	}
 }
