Use proc_open to avoid spawning a shell

The use of `exec` will spawn a shell, using `/bin/sh` on POSIX platforms. But in restricted environment, such as AppArmor, this means giving execution to `/bin/sh`, which renders the execution restriction quite useless.
Using an array with `proc_open` reduces this, and paved the way for file streaming instead of temporary file.

Signed-off-by: Glandos <bugs-github@antipoul.fr>

diff --git a/lib/private/Preview/Movie.php b/lib/private/Preview/Movie.php
index 486c301d987ad48a026aeda3affc1bca97d3b035..5b188be68b73c0372a0a2f201f1d010d95ca97aa 100644 (file)
--- a/lib/private/Preview/Movie.php
+++ b/lib/private/Preview/Movie.php
@@ -125,23 +125,30 @@ class Movie extends ProviderV2 {
                $binaryType = substr(strrchr($this->binary, '/'), 1);
 
                if ($binaryType === 'avconv') {
-                       $cmd = $this->binary . ' -y -ss ' . escapeshellarg((string)$second) .
-                               ' -i ' . escapeshellarg($absPath) .
-                               ' -an -f mjpeg -vframes 1 -vsync 1 ' . escapeshellarg($tmpPath) .
-                               ' 2>&1';
+            $cmd = [$this->binary, '-y', '-ss', (string)$second,
+                    '-i', $absPath,
+                    '-an', '-f', 'mjpeg', '-vframes', '1', '-vsync', '1',
+                    $tmpPath];
                } elseif ($binaryType === 'ffmpeg') {
-                       $cmd = $this->binary . ' -y -ss ' . escapeshellarg((string)$second) .
-                               ' -i ' . escapeshellarg($absPath) .
-                               ' -f mjpeg -vframes 1' .
-                               ' ' . escapeshellarg($tmpPath) .
-                               ' 2>&1';
+            $cmd = [$this->binary, '-y', '-ss', (string)$second,
+                    '-i', $absPath,
+                    '-f', 'mjpeg', '-vframes', '1',
+                    $tmpPath];
                } else {
                        // Not supported
                        unlink($tmpPath);
                        return null;
                }
 
-               exec($cmd, $output, $returnCode);
+               $proc = proc_open($cmd, [1 => ['pipe', 'w'], 2 => ['pipe', 'w']], $pipes);
+               $returnCode = -1;
+               $output = "";
+               if (is_resource($proc)) {
+                               $stdout = trim(stream_get_contents($pipes[1]));
+                               $stderr = trim(stream_get_contents($pipes[2]));
+                               $returnCode = proc_close($proc);
+                               $output = $stdout . $stderr;
+               }
 
                if ($returnCode === 0) {
                        $image = new \OCP\Image();