Make WordPress Core


Ignore:
Timestamp:
06/28/2015 12:16:17 AM (9 years ago)
Author:
wonderboymusic
Message:

Update getID3 to 1.9.9

Changelog:

Fixes #32806.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-includes/ID3/getid3.lib.php

    r29734 r32979  
    520520
    521521    public static function XML2array($XMLstring) {
    522         if ( function_exists( 'simplexml_load_string' ) && function_exists( 'libxml_disable_entity_loader' ) ) {
    523             $loader = libxml_disable_entity_loader( true );
    524             $XMLobject = simplexml_load_string( $XMLstring, 'SimpleXMLElement', LIBXML_NOENT );
    525             $return = self::SimpleXMLelement2array( $XMLobject );
    526             libxml_disable_entity_loader( $loader );
     522        if (function_exists('simplexml_load_string') && function_exists('libxml_disable_entity_loader')) {
     523            // http://websec.io/2012/08/27/Preventing-XEE-in-PHP.html
     524            // https://core.trac.wordpress.org/changeset/29378
     525            $loader = libxml_disable_entity_loader(true);
     526            $XMLobject = simplexml_load_string($XMLstring, 'SimpleXMLElement', LIBXML_NOENT);
     527            $return = self::SimpleXMLelement2array($XMLobject);
     528            libxml_disable_entity_loader($loader);
    527529            return $return;
    528530        }
     
    11641166                fclose($tmp);
    11651167                $GetDataImageSize = @getimagesize($tempfilename, $imageinfo);
     1168                $GetDataImageSize['height'] = $GetDataImageSize[0];
     1169                $GetDataImageSize['width']  = $GetDataImageSize[1];
    11661170            }
    11671171            unlink($tempfilename);
Note: See TracChangeset for help on using the changeset viewer.