From b3f6934cb870f2da9c9891968e6f4d98effa741e Mon Sep 17 00:00:00 2001 From: Andrey Andreev Date: Tue, 22 Mar 2016 11:31:58 +0200 Subject: [ci skip] Escape image paths passed as shell arguments to imagemagick --- system/libraries/Image_lib.php | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) (limited to 'system/libraries') diff --git a/system/libraries/Image_lib.php b/system/libraries/Image_lib.php index edd13372d..24fe8c68d 100644 --- a/system/libraries/Image_lib.php +++ b/system/libraries/Image_lib.php @@ -866,27 +866,28 @@ class CI_Image_lib { if ($action === 'crop') { - $cmd .= ' -crop '.$this->width.'x'.$this->height.'+'.$this->x_axis.'+'.$this->y_axis.' "'.$this->full_src_path.'" "'.$this->full_dst_path .'" 2>&1'; + $cmd .= ' -crop '.$this->width.'x'.$this->height.'+'.$this->x_axis.'+'.$this->y_axis; } elseif ($action === 'rotate') { - $angle = ($this->rotation_angle === 'hor' OR $this->rotation_angle === 'vrt') - ? '-flop' : '-rotate '.$this->rotation_angle; - - $cmd .= ' '.$angle.' "'.$this->full_src_path.'" "'.$this->full_dst_path.'" 2>&1'; + $cmd .= ($this->rotation_angle === 'hor' OR $this->rotation_angle === 'vrt') + ? ' -flop' + : ' -rotate '.$this->rotation_angle; } else // Resize { if($this->maintain_ratio === TRUE) { - $cmd .= ' -resize '.$this->width.'x'.$this->height.' "'.$this->full_src_path.'" "'.$this->full_dst_path.'" 2>&1'; + $cmd .= ' -resize '.$this->width.'x'.$this->height; } else { - $cmd .= ' -resize '.$this->width.'x'.$this->height.'\! "'.$this->full_src_path.'" "'.$this->full_dst_path.'" 2>&1'; + $cmd .= ' -resize '.$this->width.'x'.$this->height.'\!'; } } + $cmd .= ' "'.escapeshellarg($this->full_src_path).'" "'.escapeshellarg($this->full_dst_path).'" 2>&1'; + $retval = 1; // exec() might be disabled if (function_usable('exec')) -- cgit v1.2.3-24-g4f1b