wip
This commit is contained in:
Hanson.xyz Dev
@@ -11,8 +11,8 @@
|
||||
// ///
|
||||
/////////////////////////////////////////////////////////////////
|
||||
|
||||
if(!defined('GETID3_LIBXML_OPTIONS') && defined('LIBXML_VERSION')) {
|
||||
if(LIBXML_VERSION >= 20621) {
|
||||
if (!defined('GETID3_LIBXML_OPTIONS') && defined('LIBXML_VERSION')) {
|
||||
if (LIBXML_VERSION >= 20621) {
|
||||
define('GETID3_LIBXML_OPTIONS', LIBXML_NOENT | LIBXML_NONET | LIBXML_NOWARNING | LIBXML_COMPACT);
|
||||
} else {
|
||||
define('GETID3_LIBXML_OPTIONS', LIBXML_NOENT | LIBXML_NONET | LIBXML_NOWARNING);
|
||||
@@ -73,7 +73,8 @@ class getid3_lib
|
||||
|
||||
/**
|
||||
* @param int|null $variable
|
||||
* @param int $increment
|
||||
* @param-out int $variable
|
||||
* @param int $increment
|
||||
*
|
||||
* @return bool
|
||||
*/
|
||||
@@ -115,7 +116,9 @@ class getid3_lib
|
||||
// check if integers are 64-bit
|
||||
static $hasINT64 = null;
|
||||
if ($hasINT64 === null) { // 10x faster than is_null()
|
||||
$hasINT64 = is_int(pow(2, 31)); // 32-bit int are limited to (2^31)-1
|
||||
/** @var int|float|object $bigInt */
|
||||
$bigInt = pow(2, 31);
|
||||
$hasINT64 = is_int($bigInt); // 32-bit int are limited to (2^31)-1
|
||||
if (!$hasINT64 && !defined('PHP_INT_MIN')) {
|
||||
define('PHP_INT_MIN', ~PHP_INT_MAX);
|
||||
}
|
||||
@@ -440,7 +443,7 @@ class getid3_lib
|
||||
}
|
||||
|
||||
/**
|
||||
* @param int $number
|
||||
* @param int|string $number
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
@@ -744,16 +747,36 @@ class getid3_lib
|
||||
* @return array|false
|
||||
*/
|
||||
public static function XML2array($XMLstring) {
|
||||
if (function_exists('simplexml_load_string') && function_exists('libxml_disable_entity_loader')) {
|
||||
// http://websec.io/2012/08/27/Preventing-XEE-in-PHP.html
|
||||
// https://core.trac.wordpress.org/changeset/29378
|
||||
// This function has been deprecated in PHP 8.0 because in libxml 2.9.0, external entity loading is
|
||||
// disabled by default, but is still needed when LIBXML_NOENT is used.
|
||||
$loader = @libxml_disable_entity_loader(true);
|
||||
$XMLobject = simplexml_load_string($XMLstring, 'SimpleXMLElement', GETID3_LIBXML_OPTIONS);
|
||||
$return = self::SimpleXMLelement2array($XMLobject);
|
||||
@libxml_disable_entity_loader($loader);
|
||||
return $return;
|
||||
if (function_exists('simplexml_load_string')) {
|
||||
if (PHP_VERSION_ID < 80000) {
|
||||
if (function_exists('libxml_disable_entity_loader')) {
|
||||
// http://websec.io/2012/08/27/Preventing-XEE-in-PHP.html
|
||||
// https://core.trac.wordpress.org/changeset/29378
|
||||
// This function has been deprecated in PHP 8.0 because in libxml 2.9.0, external entity loading is
|
||||
// disabled by default, but is still needed when LIBXML_NOENT is used.
|
||||
$loader = @libxml_disable_entity_loader(true);
|
||||
$XMLobject = simplexml_load_string($XMLstring, 'SimpleXMLElement', GETID3_LIBXML_OPTIONS);
|
||||
$return = self::SimpleXMLelement2array($XMLobject);
|
||||
@libxml_disable_entity_loader($loader);
|
||||
return $return;
|
||||
}
|
||||
} else {
|
||||
$allow = false;
|
||||
if (defined('LIBXML_VERSION') && (LIBXML_VERSION >= 20900)) {
|
||||
// https://www.php.net/manual/en/function.libxml-disable-entity-loader.php
|
||||
// "as of libxml 2.9.0 entity substitution is disabled by default, so there is no need to disable the loading
|
||||
// of external entities, unless there is the need to resolve internal entity references with LIBXML_NOENT."
|
||||
$allow = true;
|
||||
} elseif (function_exists('libxml_set_external_entity_loader')) {
|
||||
libxml_set_external_entity_loader(function () { return null; }); // https://www.zend.com/blog/cve-2023-3823
|
||||
$allow = true;
|
||||
}
|
||||
if ($allow) {
|
||||
$XMLobject = simplexml_load_string($XMLstring, 'SimpleXMLElement', GETID3_LIBXML_OPTIONS);
|
||||
$return = self::SimpleXMLelement2array($XMLobject);
|
||||
return $return;
|
||||
}
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
@@ -1497,7 +1520,7 @@ class getid3_lib
|
||||
public static function GetDataImageSize($imgData, &$imageinfo=array()) {
|
||||
if (PHP_VERSION_ID >= 50400) {
|
||||
$GetDataImageSize = @getimagesizefromstring($imgData, $imageinfo);
|
||||
if ($GetDataImageSize === false || !isset($GetDataImageSize[0], $GetDataImageSize[1])) {
|
||||
if ($GetDataImageSize === false) {
|
||||
return false;
|
||||
}
|
||||
$GetDataImageSize['height'] = $GetDataImageSize[0];
|
||||
@@ -1525,7 +1548,7 @@ class getid3_lib
|
||||
fwrite($tmp, $imgData);
|
||||
fclose($tmp);
|
||||
$GetDataImageSize = @getimagesize($tempfilename, $imageinfo);
|
||||
if (($GetDataImageSize === false) || !isset($GetDataImageSize[0]) || !isset($GetDataImageSize[1])) {
|
||||
if ($GetDataImageSize === false) {
|
||||
return false;
|
||||
}
|
||||
$GetDataImageSize['height'] = $GetDataImageSize[0];
|
||||
@@ -1719,7 +1742,7 @@ class getid3_lib
|
||||
// METHOD B: cache all keys in this lookup - more memory but faster on next lookup of not-previously-looked-up key
|
||||
//$cache[$file][$name][substr($line, 0, $keylength)] = trim(substr($line, $keylength + 1));
|
||||
$explodedLine = explode("\t", $line, 2);
|
||||
$ThisKey = (isset($explodedLine[0]) ? $explodedLine[0] : '');
|
||||
$ThisKey = $explodedLine[0];
|
||||
$ThisValue = (isset($explodedLine[1]) ? $explodedLine[1] : '');
|
||||
$cache[$file][$name][$ThisKey] = trim($ThisValue);
|
||||
}
|
||||
@@ -1788,7 +1811,7 @@ class getid3_lib
|
||||
$commandline = 'ls -l '.escapeshellarg($path).' | awk \'{print $5}\'';
|
||||
}
|
||||
if (isset($commandline)) {
|
||||
$output = trim(`$commandline`);
|
||||
$output = trim(shell_exec($commandline));
|
||||
if (ctype_digit($output)) {
|
||||
$filesize = (float) $output;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user