1
0
mirror of https://github.com/ezyang/htmlpurifier.git synced 2025-07-31 03:10:09 +02:00

avoid exif_imagetype exception with small files/corrupt data URI

This commit is contained in:
Bart Butler
2016-07-12 17:23:12 -07:00
committed by Edward Z. Yang
parent 0166c3728b
commit 3747cb7efb
2 changed files with 15 additions and 0 deletions

View File

@@ -79,6 +79,11 @@ class HTMLPurifier_URIScheme_data extends HTMLPurifier_URIScheme
} else {
$raw_data = $data;
}
if ( strlen($raw_data) < 12 ) {
// error; exif_imagetype throws exception with small files,
// and this likely indicates a corrupt URI/failed parse anyway
return false;
}
// XXX probably want to refactor this into a general mechanism
// for filtering arbitrary content types
if (function_exists('sys_get_temp_dir')) {