summaryrefslogtreecommitdiffstats
path: root/lib
diff options
context:
space:
mode:
authorGlandos <bugs-github@antipoul.fr>2023-02-15 23:37:13 +0100
committerGitHub <noreply@github.com>2023-02-15 23:37:13 +0100
commit528e66859bdf912b422efaa5e0ba833eef939735 (patch)
treedb31e206597c34109bf85e7d6ea40a189a1670f2 /lib
parentb36a31c918ad997e6d227dc7923791c487e18e51 (diff)
downloadnextcloud-server-528e66859bdf912b422efaa5e0ba833eef939735.tar.gz
nextcloud-server-528e66859bdf912b422efaa5e0ba833eef939735.zip
Use proc_open to avoid spawning a shell
The use of `exec` will spawn a shell, using `/bin/sh` on POSIX platforms. But in restricted environment, such as AppArmor, this means giving execution to `/bin/sh`, which renders the execution restriction quite useless. Using an array with `proc_open` reduces this, and paved the way for file streaming instead of temporary file. Signed-off-by: Glandos <bugs-github@antipoul.fr>
Diffstat (limited to 'lib')
-rw-r--r--lib/private/Preview/Movie.php27
1 files changed, 17 insertions, 10 deletions
diff --git a/lib/private/Preview/Movie.php b/lib/private/Preview/Movie.php
index 486c301d987..5b188be68b7 100644
--- a/lib/private/Preview/Movie.php
+++ b/lib/private/Preview/Movie.php
@@ -125,23 +125,30 @@ class Movie extends ProviderV2 {
$binaryType = substr(strrchr($this->binary, '/'), 1);
if ($binaryType === 'avconv') {
- $cmd = $this->binary . ' -y -ss ' . escapeshellarg((string)$second) .
- ' -i ' . escapeshellarg($absPath) .
- ' -an -f mjpeg -vframes 1 -vsync 1 ' . escapeshellarg($tmpPath) .
- ' 2>&1';
+ $cmd = [$this->binary, '-y', '-ss', (string)$second,
+ '-i', $absPath,
+ '-an', '-f', 'mjpeg', '-vframes', '1', '-vsync', '1',
+ $tmpPath];
} elseif ($binaryType === 'ffmpeg') {
- $cmd = $this->binary . ' -y -ss ' . escapeshellarg((string)$second) .
- ' -i ' . escapeshellarg($absPath) .
- ' -f mjpeg -vframes 1' .
- ' ' . escapeshellarg($tmpPath) .
- ' 2>&1';
+ $cmd = [$this->binary, '-y', '-ss', (string)$second,
+ '-i', $absPath,
+ '-f', 'mjpeg', '-vframes', '1',
+ $tmpPath];
} else {
// Not supported
unlink($tmpPath);
return null;
}
- exec($cmd, $output, $returnCode);
+ $proc = proc_open($cmd, [1 => ['pipe', 'w'], 2 => ['pipe', 'w']], $pipes);
+ $returnCode = -1;
+ $output = "";
+ if (is_resource($proc)) {
+ $stdout = trim(stream_get_contents($pipes[1]));
+ $stderr = trim(stream_get_contents($pipes[2]));
+ $returnCode = proc_close($proc);
+ $output = $stdout . $stderr;
+ }
if ($returnCode === 0) {
$image = new \OCP\Image();