From d7469c30d548b69e90c946d2cf9cf718d4bfd9c3 Mon Sep 17 00:00:00 2001
From: Tobie Morgan Hitchcock <tobie@abcum.com>
Date: Thu, 16 Nov 2017 20:44:20 +0000
Subject: [PATCH] Insure start and limit query params do not overflow limit

---
 web/routes.go | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/web/routes.go b/web/routes.go
index 5b443231..e647b108 100644
--- a/web/routes.go
+++ b/web/routes.go
@@ -29,6 +29,9 @@ import (
 func limit(c *fibre.Context, i int64) int64 {
 	if s := c.Query("limit"); len(s) > 0 {
 		if x, err := strconv.ParseInt(s, 10, 64); err == nil {
+			if x > i {
+				return i
+			}
 			return x
 		}
 	}
@@ -38,6 +41,9 @@ func limit(c *fibre.Context, i int64) int64 {
 func start(c *fibre.Context, i int64) int64 {
 	if s := c.Query("start"); len(s) > 0 {
 		if x, err := strconv.ParseInt(s, 10, 64); err == nil {
+			if x < i {
+				return i
+			}
 			return x
 		}
 	}