diff options
| author | Pierre Schmitz <pierre@archlinux.de> | 2014-01-14 19:24:18 +0100 |
|---|---|---|
| committer | Pierre Schmitz <pierre@archlinux.de> | 2014-01-14 19:24:18 +0100 |
| commit | 224b22a051051f6c2e494c3a2fb4adb42898e2d1 (patch) | |
| tree | 85a41a4cf8533bf740ec4c8d3affce88414daa56 /includes/upload/UploadBase.php | |
| parent | 9937b8e6d6a8b4517c04c143daaf9ebd42ce8ba0 (diff) | |
Update to MediaWiki 1.22.1
Diffstat (limited to 'includes/upload/UploadBase.php')
| -rw-r--r-- | includes/upload/UploadBase.php | 47 |
1 files changed, 38 insertions, 9 deletions
diff --git a/includes/upload/UploadBase.php b/includes/upload/UploadBase.php index 2260241d..916ad6c1 100644 --- a/includes/upload/UploadBase.php +++ b/includes/upload/UploadBase.php @@ -250,7 +250,7 @@ abstract class UploadBase { /** * @param string $srcPath the source path - * @return string the real path if it was a virtual URL + * @return string|bool the real path if it was a virtual URL Returns false on failure */ function getRealPath( $srcPath ) { wfProfileIn( __METHOD__ ); @@ -259,12 +259,15 @@ abstract class UploadBase { // @todo just make uploads work with storage paths // UploadFromStash loads files via virtual URLs $tmpFile = $repo->getLocalCopy( $srcPath ); - $tmpFile->bind( $this ); // keep alive with $this - wfProfileOut( __METHOD__ ); - return $tmpFile->getPath(); + if ( $tmpFile ) { + $tmpFile->bind( $this ); // keep alive with $this + } + $path = $tmpFile ? $tmpFile->getPath() : false; + } else { + $path = $srcPath; } wfProfileOut( __METHOD__ ); - return $srcPath; + return $path; } /** @@ -475,9 +478,10 @@ abstract class UploadBase { return array( 'uploadscripted' ); } if ( $this->mFinalExtension == 'svg' || $mime == 'image/svg+xml' ) { - if ( $this->detectScriptInSvg( $this->mTempPath ) ) { + $svgStatus = $this->detectScriptInSvg( $this->mTempPath ); + if ( $svgStatus !== false ) { wfProfileOut( __METHOD__ ); - return array( 'uploadscripted' ); + return $svgStatus; } } } @@ -1158,8 +1162,33 @@ abstract class UploadBase { * @return bool */ protected function detectScriptInSvg( $filename ) { - $check = new XmlTypeCheck( $filename, array( $this, 'checkSvgScriptCallback' ) ); - return $check->filterMatch; + $check = new XmlTypeCheck( + $filename, + array( $this, 'checkSvgScriptCallback' ), + true, + array( 'processing_instruction_handler' => 'UploadBase::checkSvgPICallback' ) + ); + if ( $check->wellFormed !== true ) { + // Invalid xml (bug 58553) + return array( 'uploadinvalidxml' ); + } elseif ( $check->filterMatch ) { + return array( 'uploadscripted' ); + } + return false; + } + + /** + * Callback to filter SVG Processing Instructions. + * @param $target string processing instruction name + * @param $data string processing instruction attribute and value + * @return bool (true if the filter identified something bad) + */ + public static function checkSvgPICallback( $target, $data ) { + // Don't allow external stylesheets (bug 57550) + if ( preg_match( '/xml-stylesheet/i', $target) ) { + return true; + } + return false; } /** |