X-Git-Url: http://git.cyclocoop.org/?a=blobdiff_plain;f=includes%2Flibs%2Fmime%2FMimeAnalyzer.php;h=bafe5e3098211f0f31b74e3afb85017a7e804921;hb=d8e06a46a86d694a0d01238b04b51735b59a7846;hp=24621748eda3a39177db39761a77798769ca1471;hpb=eee30a9434ba5ba2dc2f1c2b3b5632543fcbc773;p=lhc%2Fweb%2Fwiklou.git

diff --git a/includes/libs/mime/MimeAnalyzer.php b/includes/libs/mime/MimeAnalyzer.php
index 24621748ed..bafe5e3098 100644
--- a/includes/libs/mime/MimeAnalyzer.php
+++ b/includes/libs/mime/MimeAnalyzer.php
@@ -806,10 +806,10 @@ EOT;
 
 		// Check for ZIP variants (before getimagesize)
 		$eocdrPos = strpos( $tail, "PK\x05\x06" );
-		if ( $eocdrPos !== false ) {
+		if ( $eocdrPos !== false && $eocdrPos <= strlen( $tail ) - 22 ) {
 			$this->logger->info( __METHOD__ . ": ZIP signature present in $file\n" );
 			// Check if it really is a ZIP file, make sure the EOCDR is at the end (T40432)
-			$commentLength = unpack( "n", substr( $tail, $eocdrPos + 20 ) )[0];
+			$commentLength = unpack( "n", substr( $tail, $eocdrPos + 20 ) )[1];
 			if ( $eocdrPos + 22 + $commentLength !== strlen( $tail ) ) {
 				$this->logger->info( __METHOD__ . ": ZIP EOCDR not at end. Not a ZIP file." );
 			} else {