summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJonas Smedegaard <dr@jones.dk>2017-09-21 16:20:30 +0200
committerJonas Smedegaard <dr@jones.dk>2017-09-21 16:20:30 +0200
commit45df787203f0f0b0c92fddf74bbcea15b69d4dde (patch)
treedad3b989da93067b49e010b5f1c1e638fe9edb4b
parent9dd0bdd58aad29e9a6262ec2b7edb8920341dcfb (diff)
Sync with ikiwiki 3.20160506.
-rw-r--r--IkiWiki/Plugin/img.pm233
1 files changed, 163 insertions, 70 deletions
diff --git a/IkiWiki/Plugin/img.pm b/IkiWiki/Plugin/img.pm
index 169f5e7..494fe23 100644
--- a/IkiWiki/Plugin/img.pm
+++ b/IkiWiki/Plugin/img.pm
@@ -21,6 +21,28 @@ sub getsetup () {
rebuild => undef,
section => "widget",
},
+ img_allowed_formats => {
+ type => "string",
+ default => [qw(jpeg png gif svg)],
+ description => "Image formats to process (jpeg, png, gif, svg, pdf or 'everything' to accept all)",
+ # ImageMagick has had arbitrary code execution flaws,
+ # and the whole delegates mechanism is scary from
+ # that perspective
+ safe => 0,
+ rebuild => 0,
+ },
+}
+
+sub allowed {
+ my $format = shift;
+ my $allowed = $config{img_allowed_formats};
+ $allowed = ['jpeg', 'png', 'gif', 'svg'] unless defined $allowed && @$allowed;
+
+ foreach my $a (@$allowed) {
+ return 1 if $a eq $format || $a eq 'everything';
+ }
+
+ return 0;
}
sub preprocess (@) {
@@ -64,94 +86,165 @@ sub preprocess (@) {
my $dir = $params{page};
my $base = IkiWiki::basename($file);
- my $issvg = $base=~s/\.svg$/.png/i;
+ my $extension;
+ my $format;
+
+ if ($base =~ m/\.([a-z0-9]+)$/) {
+ $extension = $1;
+ }
+ else {
+ error gettext("Unable to detect image type from extension");
+ }
+
+ # Never interpret well-known file extensions as any other format,
+ # in case the wiki configuration unwisely allows attaching
+ # arbitrary files named *.jpg, etc.
+ my $magic;
+ my $offset = 0;
+ open(my $in, '<', $srcfile) or error sprintf(gettext("failed to read %s: %s"), $file, $!);
+ binmode($in);
+
+ if ($extension =~ m/^(jpeg|jpg)$/is) {
+ $format = 'jpeg';
+ $magic = "\377\330\377";
+ }
+ elsif ($extension =~ m/^(png)$/is) {
+ $format = 'png';
+ $magic = "\211PNG\r\n\032\n";
+ }
+ elsif ($extension =~ m/^(gif)$/is) {
+ $format = 'gif';
+ $magic = "GIF8";
+ }
+ elsif ($extension =~ m/^(svg)$/is) {
+ $format = 'svg';
+ }
+ elsif ($extension =~ m/^(pdf)$/is) {
+ $format = 'pdf';
+ $magic = "%PDF-";
+ }
+ else {
+ # allow ImageMagick to auto-detect (potentially dangerous)
+ $format = '';
+ }
+
+ error sprintf(gettext("%s image processing disabled in img_allowed_formats configuration"), $format ? $format : "\"$extension\"") unless allowed($format ? $format : "everything");
+
+ # Try harder to protect ImageMagick from itself
+ if (defined $magic) {
+ my $content;
+ read($in, $content, length $magic) or error sprintf(gettext("failed to read %s: %s"), $file, $!);
+ if ($magic ne $content) {
+ error sprintf(gettext("\"%s\" does not seem to be a valid %s file"), $file, $format);
+ }
+ }
+
my $ispdf = $base=~s/\.pdf$/.png/i;
my $pagenumber = exists($params{pagenumber}) ? int($params{pagenumber}) : 0;
if ($pagenumber != 0) {
$base = "p$pagenumber-$base";
}
- eval q{use Image::Magick};
- error gettext("Image::Magick is not installed") if $@;
- my $im = Image::Magick->new();
my $imglink;
my $imgdatalink;
- my $r = $im->Read(":$srcfile\[$pagenumber]");
- error sprintf(gettext("failed to read %s: %s"), $file, $r) if $r;
+ my ($dwidth, $dheight);
- if (! defined $im->Get("width") || ! defined $im->Get("height")) {
- error sprintf(gettext("failed to get dimensions of %s"), $file);
+ my ($w, $h);
+ if ($params{size} ne 'full') {
+ ($w, $h) = ($params{size} =~ /^(\d*)x(\d*)$/);
}
- my ($dwidth, $dheight);
+ if ($format eq 'svg') {
+ # svg images are not scaled using ImageMagick because the
+ # pipeline is complex. Instead, the image size is simply
+ # set to the provided values.
+ #
+ # Aspect ratio will be preserved automatically when
+ # only a width or only a height is specified.
+ # When both are specified, aspect ratio will not be
+ # preserved.
+ $imglink = $file;
+ $dwidth = $w if length $w;
+ $dheight = $h if length $h;
+ }
+ else {
+ eval q{use Image::Magick};
+ error gettext("Image::Magick is not installed") if $@;
+ my $im = Image::Magick->new();
+ my $r = $im->Read("$format:$srcfile\[$pagenumber]");
+ error sprintf(gettext("failed to read %s: %s"), $file, $r) if $r;
+
+ if (! defined $im->Get("width") || ! defined $im->Get("height")) {
+ error sprintf(gettext("failed to get dimensions of %s"), $file);
+ }
- if ($params{size} eq 'full') {
- $dwidth = $im->Get("width");
- $dheight = $im->Get("height");
- } else {
- my ($w, $h) = ($params{size} =~ /^(\d*)x(\d*)$/);
- error sprintf(gettext('wrong size format "%s" (should be WxH)'), $params{size})
- unless (defined $w && defined $h &&
- (length $w || length $h));
-
- if ($im->Get("width") == 0 || $im->Get("height") == 0) {
- ($dwidth, $dheight)=(0, 0);
- } elsif (! length $w || (length $h && $im->Get("height")*$w > $h * $im->Get("width"))) {
- # using height because only height is given or ...
- # because original image is more portrait than $w/$h
- # ... slimness of $im > $h/w
- # ... $im->Get("height")/$im->Get("width") > $h/$w
- # ... $im->Get("height")*$w > $h * $im->Get("width")
-
- $dheight=$h;
- $dwidth=$h / $im->Get("height") * $im->Get("width");
- } else { # (! length $h) or $w is what determines the resized size
- $dwidth=$w;
- $dheight=$w / $im->Get("width") * $im->Get("height");
+ if (! length $w && ! length $h) {
+ $dwidth = $im->Get("width");
+ $dheight = $im->Get("height");
+ } else {
+ error sprintf(gettext('wrong size format "%s" (should be WxH)'), $params{size})
+ unless (defined $w && defined $h &&
+ (length $w || length $h));
+
+ if ($im->Get("width") == 0 || $im->Get("height") == 0) {
+ ($dwidth, $dheight)=(0, 0);
+ } elsif (! length $w || (length $h && $im->Get("height")*$w > $h * $im->Get("width"))) {
+ # using height because only height is given or ...
+ # because original image is more portrait than $w/$h
+ # ... slimness of $im > $h/w
+ # ... $im->Get("height")/$im->Get("width") > $h/$w
+ # ... $im->Get("height")*$w > $h * $im->Get("width")
+
+ $dheight=$h;
+ $dwidth=$h / $im->Get("height") * $im->Get("width");
+ } else { # (! length $h) or $w is what determines the resized size
+ $dwidth=$w;
+ $dheight=$w / $im->Get("width") * $im->Get("height");
+ }
}
- }
- if ($dwidth < $im->Get("width") || $ispdf) {
- # resize down, or resize to pixels at all
+ if ($dwidth < $im->Get("width") || $ispdf) {
+ # resize down, or resize to pixels at all
- my $outfile = "$config{destdir}/$dir/$params{size}-$base";
- $imglink = "$dir/$params{size}-$base";
+ my $outfile = "$config{destdir}/$dir/$params{size}-$base";
<
  • strbuf_puts(html, data->list_type == bullet ? "</ul>" : "</ol>");
  • strbuf_putc(html, '\n');
  • break;
  • case BLOCK_ATX_HEADER:
  • case BLOCK_SETEXT_HEADER:
  • cr(html);
  • strbuf_printf(html, "<h%d>", b->attributes.header_level);
  • inlines_to_html(html, b->inline_content);
  • strbuf_printf(html, "</h%d>\n", b->attributes.header_level);
  • break;
  • case BLOCK_INDENTED_CODE:
  • case BLOCK_FENCED_CODE:
  • cr(html);
  • strbuf_puts(html, "<pre");
  • if (b->tag == BLOCK_FENCED_CODE) {
  • strbuf *info = &b->attributes.fenced_code_data.info;
  • if (strbuf_len(info) > 0) {
  • int first_tag = strbuf_strchr(info, ' ', 0);
  • if (first_tag < 0)
  • first_tag = strbuf_len(info);
  • strbuf_puts(html, " class=\""<