From 1956c2ecfd9513892a1547a62976dc05bc2c2cc4 Mon Sep 17 00:00:00 2001 From: Hypolite Petovan Date: Sat, 17 Feb 2024 22:27:37 -0500 Subject: [PATCH] Avoid passing null bytes in regular expression in Object\Image - Remove capturing expression for A|B in favor of bracket syntax in regular expression since matches aren't used. - Regular expressions have their own character escape notation including backslashes that need to be escaped in a PHP string. - Actually address https://github.com/friendica/friendica/issues/13761#issuecomment-1949930922 --- src/Object/Image.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/Object/Image.php b/src/Object/Image.php index d024904c3d..d2a5c3ce77 100644 --- a/src/Object/Image.php +++ b/src/Object/Image.php @@ -53,7 +53,7 @@ class Image * * @param string $data Image data * @param string $type optional, default '' - * @param string $filename optional, default '' + * @param string $filename optional, default '' * @param string $imagick optional, default 'true' * @throws \Friendica\Network\HTTPException\InternalServerErrorException * @throws \ImagickException @@ -100,7 +100,7 @@ class Image } if ($this->imageType == IMAGETYPE_GIF) { - $count = @preg_match_all("#\x00\x21\xF9\x04.{4}\x00(\x2C|\x21)#s", $data); + $count = preg_match_all("#\\x00\\x21\\xF9\\x04.{4}\\x00[\\x2C\\x21]#s", $data); return ($count > 0); } @@ -748,7 +748,7 @@ class Image case IMAGETYPE_GIF: imagegif($this->image, $stream); break; - + case IMAGETYPE_WEBP: imagewebp($this->image, $stream, DI::config()->get('system', 'jpeg_quality')); break;