dépôts / lhc / web / wiklou.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 00bd303) | patch
SECURITY: Don't allow entities in XMP with HHVM
authorcsteipp <csteipp@wikimedia.org>
Thu, 12 Mar 2015 22:49:22 +0000 (15:49 -0700)
committercsteipp <csteipp@wikimedia.org>
Wed, 1 Apr 2015 16:56:43 +0000 (09:56 -0700)
commit15ce698afc0bb3ab56217981c3e16ef0d4f9de74
tree1c0fd6b2f39377f8fc776d787604c5b3a619672btree | snapshot
parent00bd303b6048213bb75ee0d0307256a678a91cc9commit | diff
SECURITY: Don't allow entities in XMP with HHVM

Test for, and refuse to parse, XMP chunks with a doctype declaration
when parsing XMP under HHVM.

Bug: T85848
Change-Id: Iea4feb077ee85a35509a920153daaa9321ee69f3
includes/media/BitmapMetadataHandler.php diff | blob | history
includes/media/JpegMetadataExtractor.php diff | blob | history
includes/media/XMP.php diff | blob | history
tests/phpunit/data/xmp/doctype-included.result.php [new file with mode: 0644] blob
tests/phpunit/data/xmp/doctype-included.xmp [new file with mode: 0644] blob
tests/phpunit/data/xmp/doctype-not-included.xmp [new file with mode: 0644] blob
tests/phpunit/includes/media/XMPTest.php diff | blob | history
Wiklou, le Wiki du Wiklou