From b379a978f54cb87121b4659fafec4510532bae87 Mon Sep 17 00:00:00 2001 From: sombra2eternity Date: Tue, 5 Sep 2017 07:46:00 +0200 Subject: [PATCH 1/3] Avoid DOS with gigant ckSize values (#60) Normalize quotes and avoid DOS with gigant ckSize values --- garbage.php | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-)
diff --git a/garbage.php b/garbage.php
index 8aa73e5..e94a52a 100644
--- a/garbage.php
+++ b/garbage.php
@@ -4,21 +4,24 @@
 @ini_set('output_buffering', 'Off');
 @ini_set('output_handler', '');
 // Headers
-header( "HTTP/1.1 200 OK" );
+header('HTTP/1.1 200 OK');
 // Download follows...
 header('Content-Description: File Transfer');
 header('Content-Type: application/octet-stream');
 header('Content-Disposition: attachment; filename=random.dat');
 header('Content-Transfer-Encoding: binary');
 // Never cache me
-header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
-header("Cache-Control: post-check=0, pre-check=0", false);
-header("Pragma: no-cache");
+header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
+header('Cache-Control: post-check=0, pre-check=0', false);
+header('Pragma: no-cache');
 // Generate data
 $data=openssl_random_pseudo_bytes(1048576);
 // Deliver chunks of 1048576 bytes
-for($i=0;$i100){$chunks = 100;}
+for($i=0;$i<$chunks;$i++){
 echo $data;
 flush();
 }
-?>
\ No newline at end of file
+?>
From 6730d2befc597cf239a2383b0ce7be00884936e0 Mon Sep 17 00:00:00 2001 From: dosse91 Date: Tue, 5 Sep 2017 07:45:52 +0200 Subject: [PATCH 2/3] Fixed typo in garbage.php --- garbage.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/garbage.php b/garbage.php
index e94a52a..27c1bfc 100644
--- a/garbage.php
+++ b/garbage.php
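Review bot: The new side keeps a closing `?>` (the last `+` line) in a file whose entire output is the binary attachment declared by the `Content-Type: application/octet-stream` header above; PHP swallows only the single newline this commit adds after the tag, so any further trailing whitespace or an editor-added blank line would be streamed to the client as extra payload bytes. Since nothing follows the tag, the safer form is to delete `?>` and end the file after the closing `}`. The `ckSize` handling introduced here is garbled in this rendering (`-for($i=0;$i100){$chunks = 100;}` fuses the removed loop header with the new upper clamp), so only the `$chunks>100` ceiling and the rewritten `for($i=0;$i<$chunks;$i++){` are reviewable in this hunk; the full lines appear as context in the follow-up patch. Note also that a ceiling of 100 chunks still lets one unauthenticated request pull 100 MiB, so it bounds a single request rather than aggregate load — acceptable for a speed test, but worth stating in the comment above the loop, e.g. `// Deliver at most 100 chunks of 1048576 bytes (100 MiB per request; no per-client rate limit here)`.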
@@ -8,7 +8,7 @@ header('HTTP/1.1 200 OK');
 // Download follows...
 header('Content-Description: File Transfer');
 header('Content-Type: application/octet-stream');
-header('Content-Disposition: attachment; filename=random.dat');
+header('Content-Disposition: attachment; filename=random.dat');
 header('Content-Transfer-Encoding: binary');
 // Never cache me
 header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
@@ -17,7 +17,7 @@ header('Pragma: no-cache');
 // Generate data
 $data=openssl_random_pseudo_bytes(1048576);
 // Deliver chunks of 1048576 bytes
-$chunks=isset($_GET['ckSize']) ?? intval($_GET['ckSize']) : 4;
+$chunks=isset($_GET['ckSize']) ? intval($_GET['ckSize']) : 4;
 if(empty($chunks)){$chunks = 4;}
 if($chunks>100){$chunks = 100;}
 for($i=0;$i<$chunks;$i++){
From 6be8d3f7b55ac636294af00218d61b5997b46ab2 Mon Sep 17 00:00:00 2001 From: dosse91 Date: Tue, 5 Sep 2017 07:47:33 +0200 Subject: [PATCH 3/3] Updated doc.md --- doc.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/doc.md b/doc.md
index 6857720..d21e1fb 100644
--- a/doc.md
+++ b/doc.md
@@ -164,7 +164,7 @@ w.postMessage('start {"param1": "value1", "param2": "value2", ...}')
 * __garbagePhp_chunkSize__: size of chunks sent by garbage.php in megabytes
 * Default: `20`
 * Recommended: `>=10`
- * Default override: 5 on Safari if enable_quirks is true
+ * Maximum: `100`
 * __xhr_dlMultistream__: how many streams should be opened for the download test
 * Default: `10`
 * Recommended: `>=3`
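Review bot: The corrected ternary still lets a negative `ckSize` through: `intval('-3')` is -3, `empty(-3)` is false and `-3>100` is false, so `$chunks` stays negative and the `for` loop below runs zero times, answering the request with headers and an empty body instead of the 4-chunk default. Replacing the truthiness test on the next context line with a range test closes both the zero and the negative case in one line: `if($chunks<1){$chunks = 4;}`. If `ckSize` arrives as an array (`?ckSize[]=1`), `intval()` appears to yield 0 or 1 rather than an error, which the same guard also absorbs; a `filter_input(INPUT_GET, 'ckSize', FILTER_VALIDATE_INT, ...)` call with `min_range`/`max_range` options would make the accepted contract explicit, but that is optional. The `for` body continues outside the hunk.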