diff -r 3d4e9c994f10 -r a86126ab1dd4 wp/wp-includes/ID3/module.tag.lyrics3.php --- a/wp/wp-includes/ID3/module.tag.lyrics3.php Tue Oct 22 16:11:46 2019 +0200 +++ b/wp/wp-includes/ID3/module.tag.lyrics3.php Tue Dec 15 13:49:49 2020 +0100 @@ -1,11 +1,11 @@ // -// available at http://getid3.sourceforge.net // -// or http://www.getid3.org // -// also https://github.com/JamesHeinrich/getID3 // -///////////////////////////////////////////////////////////////// -// See readme.txt for more details // +// available at https://github.com/JamesHeinrich/getID3 // +// or https://www.getid3.org // +// or http://getid3.sourceforge.net // +// see readme.txt for more details // ///////////////////////////////////////////////////////////////// /// // // module.tag.lyrics3.php // @@ -14,10 +14,14 @@ // /// ///////////////////////////////////////////////////////////////// - +if (!defined('GETID3_INCLUDEPATH')) { // prevent path-exposing attacks that access modules directly on public webservers + exit; +} class getid3_lyrics3 extends getid3_handler { - + /** + * @return bool + */ public function Analyze() { $info = &$this->getid3->info; @@ -30,7 +34,7 @@ $this->fseek((0 - 128 - 9 - 6), SEEK_END); // end - ID3v1 - "LYRICSEND" - [Lyrics3size] $lyrics3_id3v1 = $this->fread(128 + 9 + 6); - $lyrics3lsz = substr($lyrics3_id3v1, 0, 6); // Lyrics3size + $lyrics3lsz = (int) substr($lyrics3_id3v1, 0, 6); // Lyrics3size $lyrics3end = substr($lyrics3_id3v1, 6, 9); // LYRICSEND or LYRICS200 $id3v1tag = substr($lyrics3_id3v1, 15, 128); // ID3v1 @@ -61,7 +65,7 @@ // Lyrics3v2, no ID3v1, no APE - $lyrics3size = strrev(substr(strrev($lyrics3_id3v1), 9, 6)) + 6 + strlen('LYRICS200'); // LSZ = lyrics + 'LYRICSBEGIN'; add 6-byte size field; add 'LYRICS200' + $lyrics3size = (int) strrev(substr(strrev($lyrics3_id3v1), 9, 6)) + 6 + strlen('LYRICS200'); // LSZ = lyrics + 'LYRICSBEGIN'; add 6-byte size field; add 'LYRICS200' $lyrics3offset = $info['filesize'] - $lyrics3size; $lyrics3version = 2; @@ -96,7 +100,7 @@ } - if (isset($lyrics3offset)) { + if (isset($lyrics3offset) && isset($lyrics3version) && isset($lyrics3size)) { $info['avdataend'] = $lyrics3offset; $this->getLyrics3Data($lyrics3offset, $lyrics3version, $lyrics3size); @@ -105,7 +109,7 @@ $GETID3_ERRORARRAY = &$info['warning']; getid3_lib::IncludeDependency(GETID3_INCLUDEPATH.'module.tag.apetag.php', __FILE__, true); $getid3_temp = new getID3(); - $getid3_temp->openfile($this->getid3->filename); + $getid3_temp->openfile($this->getid3->filename, $this->getid3->info['filesize'], $this->getid3->fp); $getid3_apetag = new getid3_apetag($getid3_temp); $getid3_apetag->overrideendoffset = $info['lyrics3']['tag_offset_start']; $getid3_apetag->Analyze(); @@ -126,6 +130,13 @@ return true; } + /** + * @param int $endoffset + * @param int $version + * @param int $length + * + * @return bool + */ public function getLyrics3Data($endoffset, $version, $length) { // http://www.volweb.cz/str/tags.htm @@ -142,6 +153,8 @@ } $rawdata = $this->fread($length); + $ParsedLyrics3 = array(); + $ParsedLyrics3['raw']['lyrics3version'] = $version; $ParsedLyrics3['raw']['lyrics3tagsize'] = $length; $ParsedLyrics3['tag_offset_start'] = $endoffset; @@ -229,7 +242,6 @@ default: $this->error('Cannot process Lyrics3 version '.$version.' (only v1 and v2)'); return false; - break; } @@ -250,6 +262,11 @@ return true; } + /** + * @param string $rawtimestamp + * + * @return int|false + */ public function Lyrics3Timestamp2Seconds($rawtimestamp) { if (preg_match('#^\\[([0-9]{2}):([0-9]{2})\\]$#', $rawtimestamp, $regs)) { return (int) (($regs[1] * 60) + $regs[2]); @@ -257,8 +274,14 @@ return false; } + /** + * @param array $Lyrics3data + * + * @return bool + */ public function Lyrics3LyricsTimestampParse(&$Lyrics3data) { $lyricsarray = explode("\r\n", $Lyrics3data['raw']['LYR']); + $notimestamplyricsarray = array(); foreach ($lyricsarray as $key => $lyricline) { $regs = array(); unset($thislinetimestamps); @@ -287,6 +310,11 @@ return true; } + /** + * @param string $char + * + * @return bool|null + */ public function IntString2Bool($char) { if ($char == '1') { return true;