From cd437b485b3abde59679fdac98148500f38c3f4b Mon Sep 17 00:00:00 2001
From: bohung
Date: Tue, 25 Oct 2022 12:02:54 +0800
Subject: [PATCH] Fix vulnerable.
---
 app/controllers/ru_captcha/captcha_controller.rb | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/app/controllers/ru_captcha/captcha_controller.rb b/app/controllers/ru_captcha/captcha_controller.rb
index 532d784..a4ee721 100644
--- a/app/controllers/ru_captcha/captcha_controller.rb
+++ b/app/controllers/ru_captcha/captcha_controller.rb
@@ -4,6 +4,9 @@ module RuCaptcha
 return head :ok if request.head?
 headers['Cache-Control'] = 'no-cache, no-store, max-age=0, must-revalidate'
 headers['Pragma'] = 'no-cache'
+ if params[:t].present? && (!params[:t].is_i? rescue true)
+ render :body => nil, :status => 404 and return
+ end
 if params[:format] == "wav" and RuCaptcha.espeak?
 data = generate_speech_rucaptcha
 opts = { disposition: 'inline', type: 'audio/wav' }
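Review bot: The added guard calls `params[:t].is_i?`, which is not a method on core Ruby or Rails strings, and the `rescue true` modifier hides the resulting NoMethodError; unless the project defines `String#is_i?` somewhere outside this hunk, every request with a non-empty `t` gets a 404, valid ones included. The modifier also swallows any other StandardError raised in the check, so a broken validator cannot be told apart from a rejected value. If `t` is meant to be a decimal integer, as the method name suggests, an explicit anchored check states that and still refuses array or hash values without relying on an exception: `return head :not_found if params[:t].present? && !params[:t].to_s.match?(/\A\d+\z/)`. A one-line comment saying what `t` carries and why non-numeric values are refused would help as well, since the commit message does not say. The enclosing action starts and ends outside the hunk.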