Skip to content

Commit 8e7e699

Browse files
fabianzwfabianzw
committed
fix(security): Force Imagick to only accept HEIC/HEIF images
Signed-off-by: Fabian Zwemke <fabian@zwemke.de>
1 parent 2ae66ff commit 8e7e699

File tree

1 file changed

+3
-4
lines changed

1 file changed

+3
-4
lines changed

lib/private/Preview/HEIC.php

Lines changed: 3 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -96,11 +96,10 @@ public function getThumbnail(File $file, int $maxX, int $maxY): ?IImage {
9696
private function getResizedPreview($tmpPath, $maxX, $maxY) {
9797
$bp = new \Imagick();
9898

99-
// Some HEIC files just contain (or at least are identified as) other formats
100-
// like JPEG. We just need to check if the image is safe to process.
101-
$bp->pingImage($tmpPath . '[0]');
99+
// Force Imagick to only accept HEIC or HEIF images
100+
$bp->pingImage('heic:' . $tmpPath . '[0]');
102101
$mimeType = $bp->getImageMimeType();
103-
if (!preg_match('/^image\/(x-)?(png|jpeg|gif|bmp|tiff|webp|hei(f|c)|avif)$/', $mimeType)) {
102+
if (!preg_match('/^image\/(x-)?hei(f|c)$/', $mimeType)) {
104103
throw new \Exception('File mime type does not match the preview provider: ' . $mimeType);
105104
}
106105

0 commit comments

Comments
 (0)