fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-04-02 01:52:10 +09:00
Code Issues Projects Releases Packages Wiki Activity

Simplify RVE-2026-6 patch using R\F\Security::sanitize()

Browse source
This commit is contained in:
Kijin Sung 2026-03-31 21:04:39 +09:00
parent b1f84365a5
commit 6be98ff58c
2 changed files with 8 additions and 8 deletions
Download patch file Download diff file Expand all files Collapse all files

2
modules/file/file.admin.controller.php
View file

@ -438,7 +438,7 @@ class FileAdminController extends File
Rhymix\Framework\Storage::createDirectory($temp_dir); Rhymix\Framework\Storage::createDirectory($temp_dir);
} }
$command = vsprintf('%s %s -resize %dx%d -quality %d %s %s %s', [ $command = vsprintf('%s %s -resize %dx%d -quality %d %s %s %s', [
(preg_match('![^a-z0-9/._-]!', $config->magick_command) || \RX_WINDOWS) ? escapeshellarg($config->magick_command) : $config->magick_command, Rhymix\Framework\Security::sanitize($config->magick_command, 'command'),
escapeshellarg(FileHandler::getRealPath($file->uploaded_filename)), escapeshellarg(FileHandler::getRealPath($file->uploaded_filename)),
$width, $height, $quality, $width, $height, $quality,
'-auto-orient -strip', '-auto-orient -strip',

14
modules/file/file.controller.php
View file

@ -1164,7 +1164,7 @@ class FileController extends File
// Get image information // Get image information
if (in_array($file_info['extension'], ['avif', 'heic', 'heif']) && !empty($config->magick_command) && Rhymix\Framework\Storage::isExecutable($config->magick_command)) if (in_array($file_info['extension'], ['avif', 'heic', 'heif']) && !empty($config->magick_command) && Rhymix\Framework\Storage::isExecutable($config->magick_command))
{ {
$command = (preg_match('![^a-z0-9/._-]!', $config->magick_command) || \RX_WINDOWS) ? escapeshellarg($config->magick_command) : $config->magick_command; $command = Rhymix\Framework\Security::sanitize($config->magick_command, 'command');
$command .= ' identify ' . escapeshellarg($file_info['tmp_name']); $command .= ' identify ' . escapeshellarg($file_info['tmp_name']);
if (!\RX_WINDOWS && isset($config->magick_timeout) && $config->magick_timeout > 0) if (!\RX_WINDOWS && isset($config->magick_timeout) && $config->magick_timeout > 0)
{ {
@ -1334,7 +1334,7 @@ class FileController extends File
$adjusted['height'] -= $adjusted['height'] % 2; $adjusted['height'] -= $adjusted['height'] % 2;
// Convert using ffmpeg // Convert using ffmpeg
$command = \RX_WINDOWS ? escapeshellarg($config->ffmpeg_command) : $config->ffmpeg_command; $command = Rhymix\Framework\Security::sanitize($config->ffmpeg_command, 'command');
$command .= ' -nostdin -i ' . escapeshellarg($file_info['tmp_name']); $command .= ' -nostdin -i ' . escapeshellarg($file_info['tmp_name']);
$command .= ' -movflags +faststart -pix_fmt yuv420p -c:v libx264 -crf 23'; $command .= ' -movflags +faststart -pix_fmt yuv420p -c:v libx264 -crf 23';
$command .= sprintf(' -vf "scale=%d:%d"', $adjusted['width'], $adjusted['height']); $command .= sprintf(' -vf "scale=%d:%d"', $adjusted['width'], $adjusted['height']);
@ -1364,7 +1364,7 @@ class FileController extends File
// Convert using magick // Convert using magick
$command = vsprintf('%s %s -resize %dx%d -quality %d %s %s %s', [ $command = vsprintf('%s %s -resize %dx%d -quality %d %s %s %s', [
(preg_match('![^a-z0-9/._-]!', $config->magick_command) || \RX_WINDOWS) ? escapeshellarg($config->magick_command) : $config->magick_command, Rhymix\Framework\Security::sanitize($config->magick_command, 'command'),
escapeshellarg($file_info['tmp_name']), escapeshellarg($file_info['tmp_name']),
$adjusted['width'], $adjusted['width'],
$adjusted['height'], $adjusted['height'],
@ -1389,7 +1389,7 @@ class FileController extends File
if (!$result && !empty($config->magick_command) && Rhymix\Framework\Storage::isExecutable($config->magick_command)) if (!$result && !empty($config->magick_command) && Rhymix\Framework\Storage::isExecutable($config->magick_command))
{ {
$command = vsprintf('%s %s -resize %dx%d -quality %d %s %s %s', [ $command = vsprintf('%s %s -resize %dx%d -quality %d %s %s %s', [
(preg_match('![^a-z0-9/._-]!', $config->magick_command) || \RX_WINDOWS) ? escapeshellarg($config->magick_command) : $config->magick_command, Rhymix\Framework\Security::sanitize($config->magick_command, 'command'),
escapeshellarg($file_info['tmp_name']), escapeshellarg($file_info['tmp_name']),
$adjusted['width'], $adjusted['width'],
$adjusted['height'], $adjusted['height'],
@ -1434,7 +1434,7 @@ class FileController extends File
} }
// Analyze video file // Analyze video file
$command = \RX_WINDOWS ? escapeshellarg($config->ffprobe_command) : $config->ffprobe_command; $command = Rhymix\Framework\Security::sanitize($config->ffprobe_command, 'command');
$command .= ' -v quiet -print_format json -show_streams'; $command .= ' -v quiet -print_format json -show_streams';
$command .= ' ' . escapeshellarg($file_info['tmp_name']); $command .= ' ' . escapeshellarg($file_info['tmp_name']);
@exec($command, $output, $return_var); @exec($command, $output, $return_var);
@ -1578,7 +1578,7 @@ class FileController extends File
$adjusted['height'] -= $adjusted['height'] % 2; $adjusted['height'] -= $adjusted['height'] % 2;
// Convert using ffmpeg // Convert using ffmpeg
$command = \RX_WINDOWS ? escapeshellarg($config->ffmpeg_command) : $config->ffmpeg_command; $command = Rhymix\Framework\Security::sanitize($config->ffmpeg_command, 'command');
$command .= ' -nostdin -i ' . escapeshellarg($file_info['tmp_name']); $command .= ' -nostdin -i ' . escapeshellarg($file_info['tmp_name']);
if ($adjusted['duration'] !== $file_info['duration']) if ($adjusted['duration'] !== $file_info['duration'])
{ {
@ -1621,7 +1621,7 @@ class FileController extends File
if ($config->video_thumbnail) if ($config->video_thumbnail)
{ {
$thumbnail_name = $file_info['tmp_name'] . '.thumbnail.jpeg'; $thumbnail_name = $file_info['tmp_name'] . '.thumbnail.jpeg';
$command = \RX_WINDOWS ? escapeshellarg($config->ffmpeg_command) : $config->ffmpeg_command; $command = Rhymix\Framework\Security::sanitize($config->ffmpeg_command, 'command');
$command .= sprintf(' -ss 00:00:00.%d -i %s -vframes 1', mt_rand(0, 99), escapeshellarg($file_info['tmp_name'])); $command .= sprintf(' -ss 00:00:00.%d -i %s -vframes 1', mt_rand(0, 99), escapeshellarg($file_info['tmp_name']));
$command .= ' -nostdin ' . escapeshellarg($thumbnail_name); $command .= ' -nostdin ' . escapeshellarg($thumbnail_name);
if (!\RX_WINDOWS && isset($config->ffmpeg_timeout) && $config->ffmpeg_timeout > 0) if (!\RX_WINDOWS && isset($config->ffmpeg_timeout) && $config->ffmpeg_timeout > 0)