Mercurial > hg > mgallery

comparison mgtool.php @ 319:bf4115b6dc2a

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Improve WebP parsing resiliency. feof($fh) does not return true when ftell() == filesize exactly.
author Matti Hamalainen <ccr@tnsp.org>
date Mon, 06 Apr 2020 20:48:07 +0300
parents d66caa602023
children a4c6937dfaaf
comparison
equal deleted inserted replaced
318:9638512be261 319:bf4115b6dc2a
277 { 277 {
278 if ($probe["riffsize"] > $fileData["size"]) 278 if ($probe["riffsize"] > $fileData["size"])
279 return "Invalid WebP file, chunk size larger than file size"; 279 return "Invalid WebP file, chunk size larger than file size";
280 280
281 $done = 0; 281 $done = 0;
282 while (!feof($fh) && $done < 2) 282 while (!feof($fh) && ftell($fh) < $fileData["size"] && $done < 2)
283 { 283 {
284 // Read chunk header 284 // Read chunk header
285 if (($data = @fread($fh, 2 * 4)) == FALSE) 285 if (($data = @fread($fh, 2 * 4)) == FALSE)
286 return "File read error in WebP RIFF chunk header"; 286 return "File read error in WebP RIFF chunk header";
287 287
288 $chunk = unpack("c4id/L1size", $data); 288 $chunk = unpack("c4id/L1size", $data);
289 289
290 /* 290 /*
291 printf("chunk: '%c%c%c%c' (%02x %02x %02x %02x) osize=%d\n", 291 printf("chunk: '%c%c%c%c' (%02x %02x %02x %02x) osize=%d\n",
292 $chunk["id1"], $chunk["id2"], $chunk["id3"], $chunk["id4"], 292 $chunk["id1"], $chunk["id2"], $chunk["id3"], $chunk["id4"],
293 $chunk["id1"], $chunk["id2"], $chunk["id3"], $chunk["id4"], 293 $chunk["id1"], $chunk["id2"], $chunk["id3"], $chunk["id4"],
294 $chunk["size"]); 294 $chunk["size"]);
295 */ 295 */
296 296
297 // Check for EXIF chunk 297 // Check for EXIF chunk
298 if ($chunk["id1"] == 0x45 && $chunk["id2"] == 0x58 && 298 if ($chunk["id1"] == 0x45 && $chunk["id2"] == 0x58 &&
299 $chunk["id3"] == 0x49 && $chunk["id4"] == 0x46) 299 $chunk["id3"] == 0x49 && $chunk["id4"] == 0x46)
300 { 300 {