diff -r 490d5cc509ed -r cf61fcea0001 wp/wp-includes/ID3/getid3.lib.php --- a/wp/wp-includes/ID3/getid3.lib.php Tue Jun 09 11:14:17 2015 +0000 +++ b/wp/wp-includes/ID3/getid3.lib.php Mon Oct 14 17:39:30 2019 +0200 @@ -293,6 +293,9 @@ return self::BigEndian2Int(strrev($byteword), false, $signed); } + public static function LittleEndian2Bin($byteword) { + return self::BigEndian2Bin(strrev($byteword)); + } public static function BigEndian2Bin($byteword) { $binvalue = ''; @@ -414,6 +417,20 @@ return $newarray; } + public static function flipped_array_merge_noclobber($array1, $array2) { + if (!is_array($array1) || !is_array($array2)) { + return false; + } + # naturally, this only works non-recursively + $newarray = array_flip($array1); + foreach (array_flip($array2) as $key => $val) { + if (!isset($newarray[$key])) { + $newarray[$key] = count($newarray); + } + } + return array_flip($newarray); + } + public static function ksort_recursive(&$theArray) { ksort($theArray); @@ -519,11 +536,13 @@ } public static function XML2array($XMLstring) { - if ( function_exists( 'simplexml_load_string' ) && function_exists( 'libxml_disable_entity_loader' ) ) { - $loader = libxml_disable_entity_loader( true ); - $XMLobject = simplexml_load_string( $XMLstring, 'SimpleXMLElement', LIBXML_NOENT ); - $return = self::SimpleXMLelement2array( $XMLobject ); - libxml_disable_entity_loader( $loader ); + if (function_exists('simplexml_load_string') && function_exists('libxml_disable_entity_loader')) { + // http://websec.io/2012/08/27/Preventing-XEE-in-PHP.html + // https://core.trac.wordpress.org/changeset/29378 + $loader = libxml_disable_entity_loader(true); + $XMLobject = simplexml_load_string($XMLstring, 'SimpleXMLElement', LIBXML_NOENT); + $return = self::SimpleXMLelement2array($XMLobject); + libxml_disable_entity_loader($loader); return $return; } return false; @@ -944,8 +963,20 @@ return $string; } + // mb_convert_encoding() availble + if (function_exists('mb_convert_encoding')) { + if ($converted_string = @mb_convert_encoding($string, $out_charset, $in_charset)) { + switch ($out_charset) { + case 'ISO-8859-1': + $converted_string = rtrim($converted_string, "\x00"); + break; + } + return $converted_string; + } + return $string; + } // iconv() availble - if (function_exists('iconv')) { + else if (function_exists('iconv')) { if ($converted_string = @iconv($in_charset, $out_charset.'//TRANSLIT', $string)) { switch ($out_charset) { case 'ISO-8859-1': @@ -961,7 +992,7 @@ } - // iconv() not available + // neither mb_convert_encoding or iconv() is available static $ConversionFunctionList = array(); if (empty($ConversionFunctionList)) { $ConversionFunctionList['ISO-8859-1']['UTF-8'] = 'iconv_fallback_iso88591_utf8'; @@ -983,7 +1014,7 @@ $ConversionFunction = $ConversionFunctionList[strtoupper($in_charset)][strtoupper($out_charset)]; return self::$ConversionFunction($string); } - throw new Exception('PHP does not have iconv() support - cannot convert from '.$in_charset.' to '.$out_charset); + throw new Exception('PHP does not has mb_convert_encoding() or iconv() support - cannot convert from '.$in_charset.' to '.$out_charset); } public static function recursiveMultiByteCharString2HTML($data, $charset='ISO-8859-1') { @@ -1004,38 +1035,38 @@ $string = (string) $string; // in case trying to pass a numeric (float, int) string, would otherwise return an empty string $HTMLstring = ''; - switch ($charset) { + switch (strtolower($charset)) { case '1251': case '1252': case '866': case '932': case '936': case '950': - case 'BIG5': - case 'BIG5-HKSCS': + case 'big5': + case 'big5-hkscs': case 'cp1251': case 'cp1252': case 'cp866': - case 'EUC-JP': - case 'EUCJP': - case 'GB2312': + case 'euc-jp': + case 'eucjp': + case 'gb2312': case 'ibm866': - case 'ISO-8859-1': - case 'ISO-8859-15': - case 'ISO8859-1': - case 'ISO8859-15': - case 'KOI8-R': + case 'iso-8859-1': + case 'iso-8859-15': + case 'iso8859-1': + case 'iso8859-15': + case 'koi8-r': case 'koi8-ru': case 'koi8r': - case 'Shift_JIS': - case 'SJIS': + case 'shift_jis': + case 'sjis': case 'win-1251': - case 'Windows-1251': - case 'Windows-1252': + case 'windows-1251': + case 'windows-1252': $HTMLstring = htmlentities($string, ENT_COMPAT, $charset); break; - case 'UTF-8': + case 'utf-8': $strlen = strlen($string); for ($i = 0; $i < $strlen; $i++) { $char_ord_val = ord($string{$i}); @@ -1063,7 +1094,7 @@ } break; - case 'UTF-16LE': + case 'utf-16le': for ($i = 0; $i < strlen($string); $i += 2) { $charval = self::LittleEndian2Int(substr($string, $i, 2)); if (($charval >= 32) && ($charval <= 127)) { @@ -1074,7 +1105,7 @@ } break; - case 'UTF-16BE': + case 'utf-16be': for ($i = 0; $i < strlen($string); $i += 2) { $charval = self::BigEndian2Int(substr($string, $i, 2)); if (($charval >= 32) && ($charval <= 127)) { @@ -1151,11 +1182,19 @@ public static function GetDataImageSize($imgData, &$imageinfo=array()) { static $tempdir = ''; if (empty($tempdir)) { + if (function_exists('sys_get_temp_dir')) { + $tempdir = sys_get_temp_dir(); // https://github.com/JamesHeinrich/getID3/issues/52 + } + // yes this is ugly, feel free to suggest a better way - require_once(dirname(__FILE__).'/getid3.php'); - $getid3_temp = new getID3(); - $tempdir = $getid3_temp->tempdir; - unset($getid3_temp); + if (include_once(dirname(__FILE__).'/getid3.php')) { + if ($getid3_temp = new getID3()) { + if ($getid3_temp_tempdir = $getid3_temp->tempdir) { + $tempdir = $getid3_temp_tempdir; + } + unset($getid3_temp, $getid3_temp_tempdir); + } + } } $GetDataImageSize = false; if ($tempfilename = tempnam($tempdir, 'gI3')) { @@ -1163,6 +1202,11 @@ fwrite($tmp, $imgData); fclose($tmp); $GetDataImageSize = @getimagesize($tempfilename, $imageinfo); + if (($GetDataImageSize === false) || !isset($GetDataImageSize[0]) || !isset($GetDataImageSize[1])) { + return false; + } + $GetDataImageSize['height'] = $GetDataImageSize[0]; + $GetDataImageSize['width'] = $GetDataImageSize[1]; } unlink($tempfilename); } @@ -1233,10 +1277,14 @@ } if (is_array($value) || empty($ThisFileInfo['comments'][$tagname]) || !in_array(trim($value), $ThisFileInfo['comments'][$tagname])) { $value = (is_string($value) ? trim($value) : $value); - if (!is_numeric($key)) { + if (!is_int($key) && !ctype_digit($key)) { $ThisFileInfo['comments'][$tagname][$key] = $value; } else { - $ThisFileInfo['comments'][$tagname][] = $value; + if (isset($ThisFileInfo['comments'][$tagname])) { + $ThisFileInfo['comments'][$tagname] = array($value); + } else { + $ThisFileInfo['comments'][$tagname][] = $value; + } } } } @@ -1244,6 +1292,18 @@ } } + // attempt to standardize spelling of returned keys + $StandardizeFieldNames = array( + 'tracknumber' => 'track_number', + 'track' => 'track_number', + ); + foreach ($StandardizeFieldNames as $badkey => $goodkey) { + if (array_key_exists($badkey, $ThisFileInfo['comments']) && !array_key_exists($goodkey, $ThisFileInfo['comments'])) { + $ThisFileInfo['comments'][$goodkey] = $ThisFileInfo['comments'][$badkey]; + unset($ThisFileInfo['comments'][$badkey]); + } + } + // Copy to ['comments_html'] if (!empty($ThisFileInfo['comments'])) { foreach ($ThisFileInfo['comments'] as $field => $values) { @@ -1373,4 +1433,4 @@ return substr(basename('X'.$splited[count($splited) - 1], $suffix), 1); } -} \ No newline at end of file +}