From: Tim Starling Date: Fri, 23 Apr 2010 16:24:54 +0000 (+0000) Subject: More rigorous fix for ImageMagick parameter interpretation (bug 23148 etc.) based... X-Git-Tag: 1.31.0-rc.0~37033 X-Git-Url: http://git.cyclocoop.org/%7B%24www_url%7Dadmin/compta/operations/?a=commitdiff_plain;h=41a4e0ea85597495c6f34c8d4f35b96abae97ee7;p=lhc%2Fweb%2Fwiklou.git More rigorous fix for ImageMagick parameter interpretation (bug 23148 etc.) based on examination of the source code, updating r64932. The source was large and complex and I might have missed some bits, but this is my best guess for now. Tested bug 23148 and wildcards in filenames (was broken) using a patched convert. With a manual unit test (no convert), tested all branches of the new functions except wfIsWindows() == true. --- diff --git a/includes/media/Bitmap.php b/includes/media/Bitmap.php index aada9c5b99..d34f125ec2 100644 --- a/includes/media/Bitmap.php +++ b/includes/media/Bitmap.php @@ -62,7 +62,7 @@ class BitmapHandler extends ImageHandler { $physicalHeight = $params['physicalHeight']; $clientWidth = $params['width']; $clientHeight = $params['height']; - $descriptionUrl = isset( $params['descriptionUrl'] ) ? "File source: ". $params['descriptionUrl'] : ''; + $comment = isset( $params['descriptionUrl'] ) ? "File source: ". $params['descriptionUrl'] : ''; $srcWidth = $image->getWidth(); $srcHeight = $image->getHeight(); $mimeType = $image->getMimeType(); @@ -113,7 +113,7 @@ class BitmapHandler extends ImageHandler { $quality = ''; $sharpen = ''; - $frame = ''; + $scene = false; $animation = ''; if ( $mimeType == 'image/jpeg' ) { $quality = "-quality 80"; // 80% @@ -127,7 +127,7 @@ class BitmapHandler extends ImageHandler { if( $this->getImageArea( $image, $srcWidth, $srcHeight ) > $wgMaxAnimatedGifArea ) { // Extract initial frame only; we're so big it'll // be a total drag. :P - $frame = '[0]'; + $scene = 0; } else { // Coalesce is needed to scale animated GIFs properly (bug 1017). $animation = ' -coalesce '; @@ -151,18 +151,16 @@ class BitmapHandler extends ImageHandler { $tempEnv . wfEscapeShellArg( $wgImageMagickConvertCommand ) . " {$quality} -background white -size {$physicalWidth} ". - wfEscapeShellArg( $srcPath . $frame ) . + wfEscapeShellArg( $this->escapeMagickInput( $srcPath, $scene ) ) . $animation . // For the -resize option a "!" is needed to force exact size, // or ImageMagick may decide your ratio is wrong and slice off // a pixel. " -thumbnail " . wfEscapeShellArg( "{$physicalWidth}x{$physicalHeight}!" ) . - // Add the source url as a comment to the thumb. A % is an - // escape character in ImageMagick, so needs escaping (bug 23148) - // http://www.imagemagick.org/script/escape.php?ImageMagick=i766ho1om315scce8eh75efjc6 - " -set comment " . wfEscapeShellArg( str_replace( '%', '%%', $descriptionUrl ) ) . + // Add the source url as a comment to the thumb. + " -set comment " . wfEscapeShellArg( $this->escapeMagickProperty( $comment ) ) . " -depth 8 $sharpen " . - wfEscapeShellArg( $dstPath ) . " 2>&1"; + wfEscapeShellArg( $this->escapeMagickOutput( $dstPath ) ) . " 2>&1"; wfDebug( __METHOD__.": running ImageMagick: $cmd\n" ); wfProfileIn( 'convert' ); $err = wfShellExec( $cmd, $retval ); @@ -254,6 +252,90 @@ class BitmapHandler extends ImageHandler { } } + /** + * Escape a string for ImageMagick's property input (e.g. -set -comment) + * See InterpretImageProperties() in magick/property.c + */ + function escapeMagickProperty( $s ) { + // Double the backslashes + $s = str_replace( '\\', '\\\\', $s ); + // Double the percents + $s = str_replace( '%', '%%', $s ); + // Escape initial - or @ + if ( strlen( $s ) > 0 && ( $s[0] === '-' || $s[0] === '@' ) ) { + $s = '\\' . $s; + } + return $s; + } + + /** + * Escape a string for ImageMagick's input filenames. See ExpandFilenames() + * and GetPathComponent() in magick/utility.c. + * + * This won't work with an initial ~ or @, so input files should be prefixed + * with the directory name. + * + * Glob character unescaping is broken in ImageMagick before 6.6.1-5, but + * it's broken in a way that doesn't involve trying to convert every file + * in a directory, so we're better off escaping and waiting for the bugfix + * to filter down to users. + * + * @param $path string The file path + * @param $scene string The scene specification, or false if there is none + */ + function escapeMagickInput( $path, $scene = false ) { + # Die on initial metacharacters (caller should prepend path) + $firstChar = substr( $path, 0, 1 ); + if ( $firstChar === '~' || $firstChar === '@' ) { + throw new MWException( __METHOD__.': cannot escape this path name' ); + } + + # Escape glob chars + $path = preg_replace( '/[*?\[\]{}]/', '\\\\\0', $path ); + + return $this->escapeMagickPath( $path, $scene ); + } + + /** + * Escape a string for ImageMagick's output filename. See + * InterpretImageFilename() in magick/image.c. + */ + function escapeMagickOutput( $path, $scene = false ) { + $path = str_replace( '%', '%%', $path ); + return $this->escapeMagickPath( $path, $scene ); + } + + /** + * Armour a string against ImageMagick's GetPathComponent(). This is a + * helper function for escapeMagickInput() and escapeMagickOutput(). + * + * @param $path string The file path + * @param $scene string The scene specification, or false if there is none + */ + protected function escapeMagickPath( $path, $scene = false ) { + # Die on format specifiers (other than drive letters). The regex is + # meant to match all the formats you get from "convert -list format" + if ( preg_match( '/^([a-zA-Z0-9-]+):/', $path, $m ) ) { + if ( wfIsWindows() && is_dir( $m[0] ) ) { + // OK, it's a drive letter + // ImageMagick has a similar exception, see IsMagickConflict() + } else { + throw new MWException( __METHOD__.': unexpected colon character in path name' ); + } + } + + # If there are square brackets, add a do-nothing scene specification + # to force a literal interpretation + if ( $scene === false ) { + if ( strpos( $path, '[' ) !== false ) { + $path .= '[0--1]'; + } + } else { + $path .= "[$scene]"; + } + return $path; + } + static function imageJpegWrapper( $dst_image, $thumbPath ) { imageinterlace( $dst_image ); imagejpeg( $dst_image, $thumbPath, 95 );