← Back to branch summary

~ubuntu-branches/debian/sid/mediawiki/sid

« back to all changes in this revision

Viewing changes to includes/MimeMagic.php

  • Committer: Package Import Robot
  • Author(s): Thorsten Glaser
  • Date: 2014-06-26 09:57:03 UTC
  • mfrom: (1.3.17)
  • Revision ID: package-import@ubuntu.com-20140626095703-5f7lfn12xbpzkeh1
Tags: 1:1.19.17+dfsg-1
* New upstream security and maintenance release:
  - (bug 65839) SECURITY: Prevent external resources in SVG files.
  - (bug 66428) MimeMagic: Don't seek before BOF. This has weird
    side effects like only extracting the tail of the file partially
    or not at all.
* Update lintian overrides

Show diffs side-by-side

added added

removed removed

Lines of Context:
includes/MimeMagic.php
566
566
         *
567
567
         * @param string $file
568
568
         * @param mixed $ext
 
569
         * @throws MWException
569
570
         */
570
571
        private function doGuessMimeType( $file, $ext ) { // TODO: remove $ext param
571
572
                // Read a chunk of the file
572
573
                wfSuppressWarnings();
573
 
                // @todo FIXME: Shouldn't this be rb?
574
 
                $f = fopen( $file, 'rt' );
 
574
                $f = fopen( $file, 'rb' );
575
575
                wfRestoreWarnings();
576
576
                
577
577
                if( !$f ) {
578
578
                        return 'unknown/unknown';
579
579
                }
 
580
 
 
581
                $fsize = filesize( $file );
 
582
                if ( $fsize === false ) {
 
583
                        return 'unknown/unknown';
 
584
                }
 
585
 
580
586
                $head = fread( $f, 1024 );
581
 
                fseek( $f, -65558, SEEK_END );
582
 
                $tail = fread( $f, 65558 ); // 65558 = maximum size of a zip EOCDR
 
587
                $tailLength = min( 65558, $fsize ); // 65558 = maximum size of a zip EOCDR
 
588
                if ( fseek( $f, -1 * $tailLength, SEEK_END ) === -1 ) {
 
589
                        throw new MWException(
 
590
                                "Seeking $tailLength bytes from EOF failed in " . __METHOD__ );
 
591
                }
 
592
                $tail = fread( $f, $tailLength );
583
593
                fclose( $f );
584
594
 
585
595
                wfDebug( __METHOD__ . ": analyzing head and tail of $file for magic numbers.\n" );