r86225 MediaWiki - Code Review archive

Repository:MediaWiki
Revision:r86224‎ | r86225 | r86226 >
Date:18:34, 16 April 2011
Author:bawolff
Status:ok
Tags:
Comment:
follow-up r86195 (Sort of). Make sure the string there can really be exploded before calling explode on it.

I originally had the two variables that r86195 removed there to catch the case of a malformed
png file that didn't have a null byte where it was supposed to. However, just declaring the default
for those variables wouldn't have been enough to prevent the warning from list( blah, blah) = explode(..
So now explicitly check the null byte is there like it should be.
Modified paths:
  • /trunk/phase3/includes/media/PNGMetadataExtractor.php (modified) (history)

Diff [purge]

Index: trunk/phase3/includes/media/PNGMetadataExtractor.php
@@ -203,6 +203,11 @@
204204 } elseif ( $chunk_type == 'tEXt' ) {
205205 $buf = self::read( $fh, $chunk_size );
206206
 207+ // In case there is no \x00 which will make explode fail.
 208+ if ( strpos( $buf, "\x00" ) === false ) {
 209+ throw new Exception( __METHOD__ . ": Read error on tEXt chunk" );
 210+ }
 211+
207212 list( $keyword, $content ) = explode( "\x00", $buf, 2 );
208213 if ( $keyword === '' || $content === '' ) {
209214 throw new Exception( __METHOD__ . ": Read error on tEXt chunk" );
@@ -231,6 +236,11 @@
232237 if ( function_exists( 'gzuncompress' ) ) {
233238 $buf = self::read( $fh, $chunk_size );
234239
 240+ // In case there is no \x00 which will make explode fail.
 241+ if ( strpos( $buf, "\x00" ) === false ) {
 242+ throw new Exception( __METHOD__ . ": Read error on zTXt chunk" );
 243+ }
 244+
235245 list( $keyword, $postKeyword ) = explode( "\x00", $buf, 2 );
236246 if ( $keyword === '' || $postKeyword === '' ) {
237247 throw new Exception( __METHOD__ . ": Read error on zTXt chunk" );

Past revisions this follows-up on

RevisionCommit summaryAuthorDate
r86195Remove some unused variables...reedy11:17, 16 April 2011

Status & tagging log