WordPress.org

Ready to get started?Download WordPress

Forums

NextGEN Gallery
PATCH: bug fix for ImageMagick exec and passthru checks (1 post)

  1. Ryan
    Member
    Posted 1 year ago #

    hi all! i recently noticed a bug in imagemagick.inc.php's checks that the exec and passthru functions are enabled. it does a simple substring search in disabled_functions, which returns a false positive if it has functions that _contain_ either of those strings, e.g. pcntl_exec.

    here's a patch against head on https://bitbucket.org/photocrati/nextgen-gallery that fixes it. i tried to send a pull request, but it told me permission denied. :/

    --

    diff -r bf9df3a417e8 products/photocrati_nextgen/modules/ngglegacy/lib/imagemagick.inc.php
    --- a/products/photocrati_nextgen/modules/ngglegacy/lib/imagemagick.inc.php Thu Oct 18 14:15:06 2012 +0100
    +++ b/products/photocrati_nextgen/modules/ngglegacy/lib/imagemagick.inc.php Thu Oct 18 11:04:31 2012 -0700
    @@ -149,8 +149,8 @@

    // very often exec()or passthru() is disabled. No chance for Imagick
    if ( ini_get('disable_functions') ) {
    - $not_allowed = ini_get('disable_functions');
    - if ( stristr($not_allowed, 'exec') || stristr($not_allowed, 'passthru') ) {
    + $not_allowed = explode(",", ini_get('disable_functions'));
    + if ( array_search('exec', $not_allowed) || array_search('passthru', $not_allowed) ) {
    $this->errmsg = 'exec() or passthru() is not allowed. Could not execute Imagick';
    $this->error = true;
    return false;

    http://wordpress.org/extend/plugins/nextgen-gallery/

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic