From 7dc15a23acf372fe7d5498e4128ae728367fef88 Mon Sep 17 00:00:00 2001 From: zero-24 Date: Wed, 17 May 2017 20:01:01 +0200 Subject: [PATCH 01/14] fix the issues --- libraries/cms/helper/media.php | 35 +++++++++++++++++----------------- 1 file changed, 18 insertions(+), 17 deletions(-) diff --git a/libraries/cms/helper/media.php b/libraries/cms/helper/media.php index 98c0ec213b87d..1aef7e7fb477c 100644 --- a/libraries/cms/helper/media.php +++ b/libraries/cms/helper/media.php @@ -49,45 +49,46 @@ public static function getTypeIcon($fileName) /** * Checks the Mime type * - * @param string $file The filename or tmp_name - * @param string $component The optional name for the component storing the parameters + * @param string $file The filename or tmp_name + * @param string $component The optional name for the component storing the parameters + * @param boolean $image True if the passed file is a image else false * * @return boolean true if mime type checking is disabled or it passes the checks else false * * @since 3.7 */ - private function checkMimeType($file, $component = 'com_media') + private function checkMimeType($file, $component = 'com_media', $isImage = false) { $params = JComponentHelper::getParams($component); if ($params->get('check_mime', 1)) { - $mime = false; + $mime = false; try { - if (function_exists('exif_imagetype')) + if ($isImage && function_exists('exif_imagetype')) { $mime = image_type_to_mime_type(exif_imagetype($file)); } - elseif (function_exists('finfo_open')) + elseif ($isImage && function_exists('getimagesize')) { - // We have fileinfo - $finfo = finfo_open(FILEINFO_MIME); - $mime = finfo_file($finfo, $file); - - finfo_close($finfo); + $imagesize = getimagesize($file); + $mime = (isset($imagesize['mime'])) ? $imagesize['mime'] : false; } elseif (function_exists('mime_content_type')) { // We have mime magic. $mime = mime_content_type($file); } - elseif (function_exists('getimagesize')) + elseif (function_exists('finfo_open')) { - $imagesize = getimagesize($file); - $mime = (isset($imagesize['mime'])) ? $imagesize['mime'] : false; + // We have fileinfo + $finfo = finfo_open(FILEINFO_MIME_TYPE); + $mime = finfo_file($finfo, $file); + finfo_close($finfo); } + } catch (Exception $e) { @@ -164,7 +165,7 @@ public function canUpload($file, $component = 'com_media') return false; } - $filetype = array_pop($filetypes); + $filetype = array_pop($filetypes); $allowable = array_map('trim', explode(',', $params->get('upload_extensions'))); $ignored = array_map('trim', explode(',', $params->get('ignore_extensions'))); @@ -193,7 +194,7 @@ public function canUpload($file, $component = 'com_media') // If tmp_name is empty, then the file was bigger than the PHP limit if (!empty($file['tmp_name'])) { - $result = $this->checkMimeType($file['tmp_name'], $component); + $result = $this->checkMimeType($file['tmp_name'], $component, true); // If the mime type is not allowed we don't upload it if ($result === false) @@ -212,7 +213,7 @@ public function canUpload($file, $component = 'com_media') } elseif (!in_array($filetype, $ignored)) { - $result = $this->checkMimeType($file['tmp_name'], $component); + $result = $this->checkMimeType($file['tmp_name'], $component, false); // If the mime type is not allowed we don't upload it if ($result === false) From 018a76c16f3bbc53df761b45d7db49d1bc89beef Mon Sep 17 00:00:00 2001 From: zero-24 Date: Wed, 17 May 2017 20:04:23 +0200 Subject: [PATCH 02/14] add fallback --- libraries/cms/helper/media.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/libraries/cms/helper/media.php b/libraries/cms/helper/media.php index 1aef7e7fb477c..f1ab9aded9d2f 100644 --- a/libraries/cms/helper/media.php +++ b/libraries/cms/helper/media.php @@ -88,7 +88,6 @@ private function checkMimeType($file, $component = 'com_media', $isImage = false $mime = finfo_file($finfo, $file); finfo_close($finfo); } - } catch (Exception $e) { @@ -96,6 +95,12 @@ private function checkMimeType($file, $component = 'com_media', $isImage = false return false; } + // If we cant detect the mime try it again + if ($mime == 'application/octet-stream' && $isImage === true) + { + $this->checkMimeType($file, $component, false); + } + // Get the mime type configuration $allowedMime = array_map('trim', explode(',', $params->get('upload_mime'))); From 8acc085031a00cb4f4a51e3fdc378d1c489450c5 Mon Sep 17 00:00:00 2001 From: zero-24 Date: Wed, 17 May 2017 20:09:03 +0200 Subject: [PATCH 03/14] missing return --- libraries/cms/helper/media.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libraries/cms/helper/media.php b/libraries/cms/helper/media.php index f1ab9aded9d2f..6cabecdaee524 100644 --- a/libraries/cms/helper/media.php +++ b/libraries/cms/helper/media.php @@ -98,7 +98,7 @@ private function checkMimeType($file, $component = 'com_media', $isImage = false // If we cant detect the mime try it again if ($mime == 'application/octet-stream' && $isImage === true) { - $this->checkMimeType($file, $component, false); + return $this->checkMimeType($file, $component, false); } // Get the mime type configuration From 707fa774d72da6634d09e48177154f0d7730618e Mon Sep 17 00:00:00 2001 From: zero-24 Date: Wed, 17 May 2017 20:51:43 +0200 Subject: [PATCH 04/14] better handling --- .../language/en-GB/en-GB.lib_joomla.ini | 3 +- language/en-GB/en-GB.lib_joomla.ini | 3 +- libraries/cms/helper/media.php | 134 ++++++++++++------ 3 files changed, 92 insertions(+), 48 deletions(-) diff --git a/administrator/language/en-GB/en-GB.lib_joomla.ini b/administrator/language/en-GB/en-GB.lib_joomla.ini index 40806b5226615..93e8359c4253c 100644 --- a/administrator/language/en-GB/en-GB.lib_joomla.ini +++ b/administrator/language/en-GB/en-GB.lib_joomla.ini @@ -670,7 +670,8 @@ JLIB_MEDIA_ERROR_WARNFILETOOLARGE="This file is too large to upload." JLIB_MEDIA_ERROR_WARNFILETYPE="This file type is not supported." JLIB_MEDIA_ERROR_WARNIEXSS="Possible IE XSS Attack found." JLIB_MEDIA_ERROR_WARNINVALID_IMG="Not a valid image." -JLIB_MEDIA_ERROR_WARNINVALID_MIME="Illegal or invalid mime type detected." +JLIB_MEDIA_ERROR_WARNINVALID_MIME="Invalid mime type detected." +JLIB_MEDIA_ERROR_WARNINVALID_MIMETYPE="Illegal mime type detected: %s" JLIB_MEDIA_ERROR_WARNNOTADMIN="Uploaded file is not an image file and you do not have permission." JLIB_NO_EDITOR_PLUGIN_PUBLISHED="Unable to display an editor because no editor plugin is published." diff --git a/language/en-GB/en-GB.lib_joomla.ini b/language/en-GB/en-GB.lib_joomla.ini index 40806b5226615..93e8359c4253c 100644 --- a/language/en-GB/en-GB.lib_joomla.ini +++ b/language/en-GB/en-GB.lib_joomla.ini @@ -670,7 +670,8 @@ JLIB_MEDIA_ERROR_WARNFILETOOLARGE="This file is too large to upload." JLIB_MEDIA_ERROR_WARNFILETYPE="This file type is not supported." JLIB_MEDIA_ERROR_WARNIEXSS="Possible IE XSS Attack found." JLIB_MEDIA_ERROR_WARNINVALID_IMG="Not a valid image." -JLIB_MEDIA_ERROR_WARNINVALID_MIME="Illegal or invalid mime type detected." +JLIB_MEDIA_ERROR_WARNINVALID_MIME="Invalid mime type detected." +JLIB_MEDIA_ERROR_WARNINVALID_MIMETYPE="Illegal mime type detected: %s" JLIB_MEDIA_ERROR_WARNNOTADMIN="Uploaded file is not an image file and you do not have permission." JLIB_NO_EDITOR_PLUGIN_PUBLISHED="Unable to display an editor because no editor plugin is published." diff --git a/libraries/cms/helper/media.php b/libraries/cms/helper/media.php index 6cabecdaee524..eea6c9d1fc69b 100644 --- a/libraries/cms/helper/media.php +++ b/libraries/cms/helper/media.php @@ -46,10 +46,62 @@ public static function getTypeIcon($fileName) return strtolower(substr($fileName, strrpos($fileName, '.') + 1)); } + /** + * Get the Mime type + * + * @param string $file The link to the file to be checked + * @param boolean $isImage True if the passed file is a image else false + * + * @return mixed the mime type detected false on error + * + * @since __DEPLOY_VERSION__ + */ + private function getMimeType($file, $isImage = false) + { + try + { + if ($isImage && function_exists('exif_imagetype')) + { + $mime = image_type_to_mime_type(exif_imagetype($file)); + } + elseif ($isImage && function_exists('getimagesize')) + { + $imagesize = getimagesize($file); + $mime = (isset($imagesize['mime'])) ? $imagesize['mime'] : false; + } + elseif (function_exists('mime_content_type')) + { + // We have mime magic. + $mime = mime_content_type($file); + } + elseif (function_exists('finfo_open')) + { + // We have fileinfo + $finfo = finfo_open(FILEINFO_MIME_TYPE); + $mime = finfo_file($finfo, $file); + finfo_close($finfo); + } + } + catch (Exception $e) + { + // If we have any kind of error here => false; + return false; + } + + // If we cant detect the mime try it again + if ($mime == 'application/octet-stream' && $isImage === true) + { + return $this->getMimeType($file, false); + } + + // We have a mime here + return $mime; + } + /** * Checks the Mime type * - * @param string $file The filename or tmp_name + * @param string $mime The filename or tmp_name * @param string $component The optional name for the component storing the parameters * @param boolean $image True if the passed file is a image else false * @@ -57,50 +109,12 @@ public static function getTypeIcon($fileName) * * @since 3.7 */ - private function checkMimeType($file, $component = 'com_media', $isImage = false) + private function checkMimeType($mime, $component = 'com_media') { $params = JComponentHelper::getParams($component); if ($params->get('check_mime', 1)) { - $mime = false; - - try - { - if ($isImage && function_exists('exif_imagetype')) - { - $mime = image_type_to_mime_type(exif_imagetype($file)); - } - elseif ($isImage && function_exists('getimagesize')) - { - $imagesize = getimagesize($file); - $mime = (isset($imagesize['mime'])) ? $imagesize['mime'] : false; - } - elseif (function_exists('mime_content_type')) - { - // We have mime magic. - $mime = mime_content_type($file); - } - elseif (function_exists('finfo_open')) - { - // We have fileinfo - $finfo = finfo_open(FILEINFO_MIME_TYPE); - $mime = finfo_file($finfo, $file); - finfo_close($finfo); - } - } - catch (Exception $e) - { - // If we have any kind of error here => false; - return false; - } - - // If we cant detect the mime try it again - if ($mime == 'application/octet-stream' && $isImage === true) - { - return $this->checkMimeType($file, $component, false); - } - // Get the mime type configuration $allowedMime = array_map('trim', explode(',', $params->get('upload_mime'))); @@ -199,10 +213,24 @@ public function canUpload($file, $component = 'com_media') // If tmp_name is empty, then the file was bigger than the PHP limit if (!empty($file['tmp_name'])) { - $result = $this->checkMimeType($file['tmp_name'], $component, true); + // Get the mime type this is a image file + $mime = $this->getMimeType($file['tmp_name'], true); - // If the mime type is not allowed we don't upload it - if ($result === false) + // Did we got anything usefull? + if ($mime != false) + { + $result = $this->checkMimeType($mime, $component, true); + + // If the mime type is not allowed we don't upload it and show the mime code error to the user + if ($result === false) + { + $app->enqueueMessage(JText::_('JLIB_MEDIA_ERROR_WARNINVALID_MIMETYPE', $mime), 'error'); + + return false; + } + } + // We can't detect the mime type so it looks like a invalid image' + else { $app->enqueueMessage(JText::_('JLIB_MEDIA_ERROR_WARNINVALID_IMG'), 'error'); @@ -218,10 +246,24 @@ public function canUpload($file, $component = 'com_media') } elseif (!in_array($filetype, $ignored)) { - $result = $this->checkMimeType($file['tmp_name'], $component, false); + // Get the mime type this is not a image file + $mime = $this->getMimeType($file['tmp_name'], false); + + // Did we got anything usefull? + if ($mime != false) + { + $result = $this->checkMimeType($mime, $component, true); - // If the mime type is not allowed we don't upload it - if ($result === false) + // If the mime type is not allowed we don't upload it and show the mime code error to the user + if ($result === false) + { + $app->enqueueMessage(JText::_('JLIB_MEDIA_ERROR_WARNINVALID_MIMETYPE', $mime), 'error'); + + return false; + } + } + // We can't detect the mime type so it looks like a invalid image' + else { $app->enqueueMessage(JText::_('JLIB_MEDIA_ERROR_WARNINVALID_MIME'), 'error'); From be489e6f9cb04630c245989482e4e728ca7b133d Mon Sep 17 00:00:00 2001 From: zero-24 Date: Wed, 17 May 2017 21:04:56 +0200 Subject: [PATCH 05/14] doc blocks --- libraries/cms/helper/media.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/libraries/cms/helper/media.php b/libraries/cms/helper/media.php index eea6c9d1fc69b..3276e4ff17cc2 100644 --- a/libraries/cms/helper/media.php +++ b/libraries/cms/helper/media.php @@ -101,9 +101,8 @@ private function getMimeType($file, $isImage = false) /** * Checks the Mime type * - * @param string $mime The filename or tmp_name + * @param string $mime The mime to be checked * @param string $component The optional name for the component storing the parameters - * @param boolean $image True if the passed file is a image else false * * @return boolean true if mime type checking is disabled or it passes the checks else false * From 42a430c0bd0927b718f629c0395e385ecdd1d8ed Mon Sep 17 00:00:00 2001 From: zero-24 Date: Wed, 17 May 2017 21:12:57 +0200 Subject: [PATCH 06/14] we need to use sprintf --- libraries/cms/helper/media.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/libraries/cms/helper/media.php b/libraries/cms/helper/media.php index 3276e4ff17cc2..469d94b5e4383 100644 --- a/libraries/cms/helper/media.php +++ b/libraries/cms/helper/media.php @@ -91,7 +91,7 @@ private function getMimeType($file, $isImage = false) // If we cant detect the mime try it again if ($mime == 'application/octet-stream' && $isImage === true) { - return $this->getMimeType($file, false); + $mime = $this->getMimeType($file, false); } // We have a mime here @@ -223,7 +223,7 @@ public function canUpload($file, $component = 'com_media') // If the mime type is not allowed we don't upload it and show the mime code error to the user if ($result === false) { - $app->enqueueMessage(JText::_('JLIB_MEDIA_ERROR_WARNINVALID_MIMETYPE', $mime), 'error'); + $app->enqueueMessage(JText::sprintf('JLIB_MEDIA_ERROR_WARNINVALID_MIMETYPE', $mime), 'error'); return false; } @@ -256,7 +256,7 @@ public function canUpload($file, $component = 'com_media') // If the mime type is not allowed we don't upload it and show the mime code error to the user if ($result === false) { - $app->enqueueMessage(JText::_('JLIB_MEDIA_ERROR_WARNINVALID_MIMETYPE', $mime), 'error'); + $app->enqueueMessage(JText::sprintf('JLIB_MEDIA_ERROR_WARNINVALID_MIMETYPE', $mime), 'error'); return false; } From cc17b901e0dc67a08bb71cc28c3313450223f1d4 Mon Sep 17 00:00:00 2001 From: zero-24 Date: Wed, 17 May 2017 21:18:17 +0200 Subject: [PATCH 07/14] fix issue --- libraries/cms/helper/media.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libraries/cms/helper/media.php b/libraries/cms/helper/media.php index 469d94b5e4383..d46bc8867320e 100644 --- a/libraries/cms/helper/media.php +++ b/libraries/cms/helper/media.php @@ -218,7 +218,7 @@ public function canUpload($file, $component = 'com_media') // Did we got anything usefull? if ($mime != false) { - $result = $this->checkMimeType($mime, $component, true); + $result = $this->checkMimeType($mime, $component); // If the mime type is not allowed we don't upload it and show the mime code error to the user if ($result === false) @@ -251,7 +251,7 @@ public function canUpload($file, $component = 'com_media') // Did we got anything usefull? if ($mime != false) { - $result = $this->checkMimeType($mime, $component, true); + $result = $this->checkMimeType($mime, $component); // If the mime type is not allowed we don't upload it and show the mime code error to the user if ($result === false) From 3a3478574d8b3220485ba55dbe0344a092dacd95 Mon Sep 17 00:00:00 2001 From: zero-24 Date: Wed, 17 May 2017 21:19:05 +0200 Subject: [PATCH 08/14] drone --- libraries/cms/helper/media.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libraries/cms/helper/media.php b/libraries/cms/helper/media.php index d46bc8867320e..48482b2453c7d 100644 --- a/libraries/cms/helper/media.php +++ b/libraries/cms/helper/media.php @@ -101,8 +101,8 @@ private function getMimeType($file, $isImage = false) /** * Checks the Mime type * - * @param string $mime The mime to be checked - * @param string $component The optional name for the component storing the parameters + * @param string $mime The mime to be checked + * @param string $component The optional name for the component storing the parameters * * @return boolean true if mime type checking is disabled or it passes the checks else false * From efc334f069996e1af9683a7dd764f2ab27b73281 Mon Sep 17 00:00:00 2001 From: zero-24 Date: Wed, 17 May 2017 21:35:42 +0200 Subject: [PATCH 09/14] fix comments thanks @quy --- libraries/cms/helper/media.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/libraries/cms/helper/media.php b/libraries/cms/helper/media.php index 48482b2453c7d..5985ff6bfcdf8 100644 --- a/libraries/cms/helper/media.php +++ b/libraries/cms/helper/media.php @@ -88,7 +88,7 @@ private function getMimeType($file, $isImage = false) return false; } - // If we cant detect the mime try it again + // If we can't detect the mime try it again if ($mime == 'application/octet-stream' && $isImage === true) { $mime = $this->getMimeType($file, false); @@ -228,7 +228,7 @@ public function canUpload($file, $component = 'com_media') return false; } } - // We can't detect the mime type so it looks like a invalid image' + // We can't detect the mime type so it looks like an invalid image else { $app->enqueueMessage(JText::_('JLIB_MEDIA_ERROR_WARNINVALID_IMG'), 'error'); @@ -261,7 +261,7 @@ public function canUpload($file, $component = 'com_media') return false; } } - // We can't detect the mime type so it looks like a invalid image' + // We can't detect the mime type so it looks like an invalid file else { $app->enqueueMessage(JText::_('JLIB_MEDIA_ERROR_WARNINVALID_MIME'), 'error'); From 298959ec803d1aa698603f141430d1eb8358025a Mon Sep 17 00:00:00 2001 From: zero-24 Date: Thu, 18 May 2017 09:27:31 +0200 Subject: [PATCH 10/14] fallback to mime = false --- libraries/cms/helper/media.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/libraries/cms/helper/media.php b/libraries/cms/helper/media.php index 5985ff6bfcdf8..53b64560480e0 100644 --- a/libraries/cms/helper/media.php +++ b/libraries/cms/helper/media.php @@ -58,6 +58,9 @@ public static function getTypeIcon($fileName) */ private function getMimeType($file, $isImage = false) { + // If we can't detect anything mime is false + $mime = false; + try { if ($isImage && function_exists('exif_imagetype')) From 672e1836662663eb0473a05ce346202c2311e559 Mon Sep 17 00:00:00 2001 From: zero-24 Date: Thu, 18 May 2017 09:31:13 +0200 Subject: [PATCH 11/14] Update media.php --- libraries/cms/helper/media.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libraries/cms/helper/media.php b/libraries/cms/helper/media.php index 53b64560480e0..ea4f493465e7b 100644 --- a/libraries/cms/helper/media.php +++ b/libraries/cms/helper/media.php @@ -70,7 +70,7 @@ private function getMimeType($file, $isImage = false) elseif ($isImage && function_exists('getimagesize')) { $imagesize = getimagesize($file); - $mime = (isset($imagesize['mime'])) ? $imagesize['mime'] : false; + $mime = isset($imagesize['mime']) ? $imagesize['mime'] : false; } elseif (function_exists('mime_content_type')) { From be99e2aed77d51b8ca8eee03aca9d9bed6ee65f3 Mon Sep 17 00:00:00 2001 From: zero-24 Date: Thu, 18 May 2017 13:48:09 +0200 Subject: [PATCH 12/14] type save --- libraries/cms/helper/media.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libraries/cms/helper/media.php b/libraries/cms/helper/media.php index ea4f493465e7b..5e6cc6342d563 100644 --- a/libraries/cms/helper/media.php +++ b/libraries/cms/helper/media.php @@ -92,7 +92,7 @@ private function getMimeType($file, $isImage = false) } // If we can't detect the mime try it again - if ($mime == 'application/octet-stream' && $isImage === true) + if ($mime === 'application/octet-stream' && $isImage === true) { $mime = $this->getMimeType($file, false); } From e9c72cc4f2ae6af7a719ba4e831e9c30e6940366 Mon Sep 17 00:00:00 2001 From: George Wilson Date: Thu, 18 May 2017 23:03:30 +0100 Subject: [PATCH 13/14] Fix typos --- libraries/cms/helper/media.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libraries/cms/helper/media.php b/libraries/cms/helper/media.php index 5e6cc6342d563..39d326e0cb66b 100644 --- a/libraries/cms/helper/media.php +++ b/libraries/cms/helper/media.php @@ -218,7 +218,7 @@ public function canUpload($file, $component = 'com_media') // Get the mime type this is a image file $mime = $this->getMimeType($file['tmp_name'], true); - // Did we got anything usefull? + // Did we get anything useful? if ($mime != false) { $result = $this->checkMimeType($mime, $component); From 0c89e50405576cb530845f45cc44d88e52804c18 Mon Sep 17 00:00:00 2001 From: Brian Teeman Date: Fri, 19 May 2017 09:33:53 +0100 Subject: [PATCH 14/14] type --- libraries/cms/helper/media.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libraries/cms/helper/media.php b/libraries/cms/helper/media.php index 39d326e0cb66b..93e2c12b7c4b5 100644 --- a/libraries/cms/helper/media.php +++ b/libraries/cms/helper/media.php @@ -50,7 +50,7 @@ public static function getTypeIcon($fileName) * Get the Mime type * * @param string $file The link to the file to be checked - * @param boolean $isImage True if the passed file is a image else false + * @param boolean $isImage True if the passed file is an image else false * * @return mixed the mime type detected false on error *