From 98f7c65dddf0667f1a0462e08be9e6273ce658fb Mon Sep 17 00:00:00 2001 From: Florian Pritz Date: Mon, 31 Dec 2018 23:47:46 +0100 Subject: Stop making PDF thumbnails with imagemagick Arch Linux disables PDF support in imagemagick due to security concerns. This results in broken thumbnails for PDF files. By disabling it we just get the normal file list which should be fine too. If necessary this could be extended to be configurable, but I don't think doing that is necessary. Signed-off-by: Florian Pritz --- NEWS | 2 ++ .../libraries/Image/Drivers/imagemagick.php | 3 +-- application/test/tests/test_libraries_image.php | 22 ++++++++++++++++------ 3 files changed, 19 insertions(+), 8 deletions(-) diff --git a/NEWS b/NEWS index 273276fc9..7abd50fe1 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,8 @@ This file lists major, incompatible or otherwise important changes, you should look at it after every update. NEXT + - Remove imagemagick PDF thumbnail support due to Arch Linux disabling it in + imagemagick due to repeated security concerns. 3.3.0 2018-09-19 - LDAP: Allow optional binding/authentication diff --git a/application/libraries/Image/Drivers/imagemagick.php b/application/libraries/Image/Drivers/imagemagick.php index 8295469eb..33e62ffe4 100644 --- a/application/libraries/Image/Drivers/imagemagick.php +++ b/application/libraries/Image/Drivers/imagemagick.php @@ -18,8 +18,7 @@ class imagemagick implements \libraries\Image\ImageDriver { $mimetype = $mimetype; $base = explode("/", $mimetype)[0]; - if ($base == "image" - || in_array($mimetype, array("application/pdf"))) { + if ($base == "image") { return 100; } diff --git a/application/test/tests/test_libraries_image.php b/application/test/tests/test_libraries_image.php index 99a963dea..d6afc64df 100644 --- a/application/test/tests/test_libraries_image.php +++ b/application/test/tests/test_libraries_image.php @@ -28,8 +28,8 @@ class test_libraries_image extends \test\Test { { $this->t->is(\libraries\Image::type_supported('image/png'), true, 'image/png should be supported'); $this->t->is(\libraries\Image::type_supported('image/jpeg'), true, 'image/jpeg should be supported'); - $this->t->is(\libraries\Image::type_supported('application/pdf'), true, 'application/pdf should be supported'); + $this->t->is(\libraries\Image::type_supported('application/pdf'), false, 'application/pdf should not be supported'); $this->t->is(\libraries\Image::type_supported('application/octet-stream'), false, 'application/octet-stream should not be supported'); $this->t->is(\libraries\Image::type_supported('text/plain'), false, 'text/plain should not be supported'); } @@ -45,11 +45,21 @@ class test_libraries_image extends \test\Test { public function test_makeThumb_PDF() { - $img = new \libraries\Image(FCPATH."/data/tests/simple.pdf"); - $img->makeThumb(150, 150); - $thumb = $img->get(IMAGETYPE_JPEG); - - $this->t->ok($thumb !== "", "Got thumbnail"); + try { + $img = new \libraries\Image(FCPATH."/data/tests/simple.pdf"); + $this->t->fail("PDF should not be supported"); + $img->makeThumb(150, 150); + $thumb = $img->get(IMAGETYPE_JPEG); + $this->t->ok($thumb !== "", "Got thumbnail"); + } catch (\exceptions\PublicApiException $e) { + $correct_error = $e->get_error_id() == "libraries/Image/unsupported-image-type"; + $this->t->ok($correct_error, "Should get exception"); + if (!$correct_error) { + // @codeCoverageIgnoreStart + throw $e; + // @codeCoverageIgnoreEnd + } + } } public function test_makeThumb_binaryFile() -- cgit v1.2.3-24-g4f1b