fix: gracefully handle unexpected exif orientation types

Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>

1 files changed, 15 insertions, 9 deletions

diff --git a/lib/private/legacy/OC_Image.php b/lib/private/legacy/OC_Image.php
index 74967021405..dfb0d08b1c8 100644
--- a/lib/private/legacy/OC_Image.php
+++ b/lib/private/legacy/OC_Image.php
@@ -447,6 +447,18 @@ class OC_Image implements \OCP\IImage {
 		return min(100, max(10, (int) $quality));
 	}
 
+	private function isValidExifData(array $exif): bool {
+		if (!isset($exif['Orientation'])) {
+			return false;
+		}
+
+		if (!is_numeric($exif['Orientation'])) {
+			return false;
+		}
+
+		return true;
+	}
+
 	/**
 	 * (I'm open for suggestions on better method name ;)
 	 * Get the orientation based on EXIF data.
@@ -475,14 +487,11 @@ class OC_Image implements \OCP\IImage {
 			return -1;
 		}
 		$exif = @exif_read_data($this->filePath, 'IFD0');
-		if (!$exif) {
-			return -1;
-		}
-		if (!isset($exif['Orientation'])) {
+		if (!$exif || !$this->isValidExifData($exif)) {
 			return -1;
 		}
 		$this->exif = $exif;
-		return $exif['Orientation'];
+		return (int)$exif['Orientation'];
 	}
 
 	public function readExif($data): void {
@@ -496,10 +505,7 @@ class OC_Image implements \OCP\IImage {
 		}
 
 		$exif = @exif_read_data('data://image/jpeg;base64,' . base64_encode($data));
-		if (!$exif) {
-			return;
-		}
-		if (!isset($exif['Orientation'])) {
+		if (!$exif || !$this->isValidExifData($exif)) {
 			return;
 		}
 		$this->exif = $exif;