From: Bartosz DziewoƄski Date: Thu, 29 Sep 2016 22:15:48 +0000 (+0200) Subject: JpegMetadataExtractor: Allow empty segments X-Git-Tag: 1.31.0-rc.0~5266^2 X-Git-Url: https://git.cyclocoop.org/%7B%24www_url%7Dadmin/compta/banques/%7B%7B%20url_for%28%27admin_users%27%29%20%7D%7D?a=commitdiff_plain;h=ee2ed0e40321be622cb1d3ac431b9643b84907e8;p=lhc%2Fweb%2Fwiklou.git JpegMetadataExtractor: Allow empty segments A segment which consists only of the marker and length value (equal to 2, the length of the value itself) appears to be perfectly valid, and is ignored by every image viewer I tested. Bug: T147015 Change-Id: I3124c587ccb1c457df25fd5bf7a47feab9312a38
---
diff --git a/includes/media/JpegMetadataExtractor.php b/includes/media/JpegMetadataExtractor.php
index 81722c6d62..9ad40977bc 100644
--- a/includes/media/JpegMetadataExtractor.php
+++ b/includes/media/JpegMetadataExtractor.php
@@ -155,7 +155,7 @@ class JpegMetadataExtractor {
 } else {
 // segment we don't care about, so skip
 $size = wfUnpack( "nint", fread( $fh, 2 ), 2 );
- if ( $size['int'] <= 2 ) {
+ if ( $size['int'] < 2 ) {
 throw new MWException( "invalid marker size in jpeg" );
 }
 fseek( $fh, $size['int'] - 2, SEEK_CUR );
@@ -173,9 +173,13 @@ class JpegMetadataExtractor {
 */
 private static function jpegExtractMarker( &$fh ) {
 $size = wfUnpack( "nint", fread( $fh, 2 ), 2 );
- if ( $size['int'] <= 2 ) {
+ if ( $size['int'] < 2 ) {
 throw new MWException( "invalid marker size in jpeg" );
 }
+ if ( $size['int'] === 2 ) {
+ // fread( ..., 0 ) generates a warning
+ return '';
+ }
 $segment = fread( $fh, $size['int'] - 2 );
 if ( strlen( $segment ) !== $size['int'] - 2 ) {
 throw new MWException( "Segment shorter than expected" );
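Review bot: In the skip branch the declared length is only bounded from below and the result of `fseek( $fh, $size['int'] - 2, SEEK_CUR )` is discarded, so a length field that points past the end of the file is not reported here the way `jpegExtractMarker()` reports "Segment shorter than expected". PHP's `fseek` on a plain file does not treat a seek beyond EOF as an error, so testing its return value alone would not catch a truncated or malformed upload. Whether the enclosing loop, which starts and ends outside this hunk, fails cleanly on the next marker read cannot be seen from here and should be confirmed. Once confirmed, I would record it above the seek with a comment such as `// A length running past EOF is not detected here; the next marker read must fail.`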
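Review bot: The new `return '';` makes the empty string a legal result of `jpegExtractMarker()`, where an empty segment used to raise `MWException`, so every caller that inspects the payload (prefix comparisons, `substr`, passing it to a metadata parser) now has to tolerate `''`. Those callers are outside the hunk and should be checked. The docblock closes on the first line of the hunk, so its text is not visible, but it should state the new contract, for example `@return string Segment payload, '' when the length field is exactly 2`. The diff touches only this file, so a regression test with a JPEG containing a zero-payload segment (the T147015 case) appears to be missing. The function body continues past the end of the hunk.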