From 0b2ff643b65ee4948e4f74bb5cad5babdaddef27 Mon Sep 17 00:00:00 2001
From: Dan Baker <16193241+bakerds@users.noreply.github.com>
Date: Mon, 17 Apr 2023 08:40:41 -0400
Subject: [PATCH] Added data validation for color values

---
 lib/WeatherMap.functions.php | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/lib/WeatherMap.functions.php b/lib/WeatherMap.functions.php
index 3c62b13..d606a89 100644
--- a/lib/WeatherMap.functions.php
+++ b/lib/WeatherMap.functions.php
@@ -268,7 +268,15 @@ function myimagecolorallocate($image, $red, $green, $blue)
 {
 	// it's possible that we're being called early - just return straight away, in that case
 	if(!isset($image)) return(-1);
-	
+
+	// Make sure color values are in a sane range
+	if($red > 255) { $red = 255; }
+	if($green > 255) { $green = 255; }
+	if($blue > 255) { $blue = 255; }
+	if($red < 0) { $red = 0; }
+	if($green < 0) { $green = 0; }
+	if($blue < 0) { $blue = 0; }
+
 	$existing=imagecolorexact($image, $red, $green, $blue);
 
 	if ($existing > -1)