SECURITY: imagemagick/graphicsmagick was ignoring all errors
So, in a much older patch I had a problem where an incorrect RGB profile would make image uploads fail. I fixed this by using strpos against the error message...but didn't check the return value correctly. That means that any error from gm/im was ignored. This caused people to upload too large images and flood /b/ with 1 x 10000 pixel images My fault, patched now. Sorry about that. Conflicts: inc/image.php
This commit is contained in:
parent
b2cbb70da3
commit
6052ed8d3d
@ -330,6 +330,7 @@ class ImageConvert extends ImageBase {
|
||||
$convert_args = str_replace('-auto-orient', '', $config['convert_args']);
|
||||
else
|
||||
$convert_args = &$config['convert_args'];
|
||||
|
||||
if (($error = shell_exec_error(($this->gm ? 'gm ' : '') . 'convert ' .
|
||||
sprintf($convert_args,
|
||||
$this->width,
|
||||
@ -361,6 +362,11 @@ class ImageConvert extends ImageBase {
|
||||
$this->width,
|
||||
$this->height,
|
||||
escapeshellarg($this->temp)))) || !file_exists($this->temp)) {
|
||||
|
||||
if (strpos($error, "known incorrect sRGB profile") === false) {
|
||||
$this->destroy();
|
||||
error('Failed to resize image!', null, array('convert_error' => $error));
|
||||
}
|
||||
if (!file_exists($this->temp)) {
|
||||
$this->destroy();
|
||||
error(_('Failed to resize image!'), null, $error);
|
||||
|
Loading…
Reference in New Issue
Block a user