r71548 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r71547‎ \| r71548 \| r71549 >
Date:	09:51, 24 August 2010
Author:	tstarling
Status:	ok
Tags:
Comment:	A little extra paranoia. We wouldn't want a vulnerability in identify or tiffinfo or exiv2 or their output parsers to lead to arbitrary shell execution.
Modified paths:	/trunk/extensions/PagedTiffHandler/PagedTiffHandler.image.php (modified) (history)

Diff [purge]

Index: trunk/extensions/PagedTiffHandler/PagedTiffHandler.image.php
—	—	@@ -63,8 +63,8 @@
64	64	public static function getPageSize( $data, $page ) {
65	65	if ( isset( $data['page_data'][$page] ) ) {
66	66	return array(
67		~~- 'width' => $data['page_data'][$page]['width'],~~
68		~~- 'height' => $data['page_data'][$page]['height']~~
	67	+ 'width' => intval( $data['page_data'][$page]['width'] ),
	68	+ 'height' => intval( $data['page_data'][$page]['height'] )
69	69	);
70	70	}
71	71	return false;

Follow-up revisions

Revision	Commit summary	Author	Date
r71623	Updated to trunk head (r71204, r71548, i18n)	tstarling	06:24, 25 August 2010

Status & tagging log

18:12, 24 August 2010 Platonides (talk | contribs) changed the status of r71548 [removed: new added: ok]