Skip to content

Commit

Permalink
Merge pull request #45464 from nextcloud/backport/45340/stable25
Browse files Browse the repository at this point in the history
[stable25] fix: Extend SVG reference check
  • Loading branch information
blizzz authored May 23, 2024
2 parents 53923d9 + 2bd7a0f commit baae7cf
Show file tree
Hide file tree
Showing 2 changed files with 30 additions and 1 deletion.
2 changes: 1 addition & 1 deletion lib/private/Preview/SVG.php
Original file line number Diff line number Diff line change
Expand Up @@ -53,7 +53,7 @@ public function getThumbnail(File $file, int $maxX, int $maxY): ?IImage {
}

// Do not parse SVG files with references
if (stripos($content, 'xlink:href') !== false) {
if (preg_match('/["\s](xlink:)?href\s*=/i', $content)) {
return null;
}

Expand Down
29 changes: 29 additions & 0 deletions tests/lib/Preview/SVGTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -43,4 +43,33 @@ protected function setUp(): void {
$this->markTestSkipped('No SVG provider present');
}
}

public function dataGetThumbnailSVGHref(): array {
return [
['href'],
[' href'],
["\nhref"],
['xlink:href'],
[' xlink:href'],
["\nxlink:href"],
];
}

/**
* @dataProvider dataGetThumbnailSVGHref
* @requires extension imagick
*/
public function testGetThumbnailSVGHref(string $content): void {
$handle = fopen('php://temp', 'w+');
fwrite($handle, '<svg viewBox="0 0 100 100" xmlns="http://www.w3.org/2000/svg">
<image x="0" y="0"' . $content . '="fxlogo.png" height="100" width="100" />
</svg>');
rewind($handle);

$file = $this->createMock(\OCP\Files\File::class);
$file->method('fopen')
->willReturn($handle);

self::assertNull($this->provider->getThumbnail($file, 512, 512));
}
}

0 comments on commit baae7cf

Please sign in to comment.