[wp-trac] [WordPress Trac] #46800: protect against bad characters in media attachment metadata
WordPress Trac
noreply at wordpress.org
Tue Apr 16 06:14:39 UTC 2019
#46800: protect against bad characters in media attachment metadata
--------------------------+-----------------------------
Reporter: donpark | Owner: joemcgill
Type: defect (bug) | Status: accepted
Priority: normal | Milestone: Future Release
Component: Media | Version: trunk
Severity: normal | Resolution:
Keywords: | Focuses:
--------------------------+-----------------------------
Comment (by donpark):
> I'm curious if updating the ID3 library in core would have any affect
(see #43836)?
I have not tried that. IIRC, version of the ID3 library in WPCOM was
1.9.14 while the latest was 1.9.16 and I did not see anything in the
commit log that suggested latest would fix this issue.
> If not, we should apply this sanitization as soon as the data is read
from the file, which I think would be in wp_read_image_metadata(), if I'm
understanding correctly.
Can't answer that as I've not looked into where it should be fixed in the
Core.
> Any interest in trying to put together a patch for this?
Maybe. I just got pulled into fixtheflows, a pseudo-perma-cross-team,
project which has a long list of neglected UX issues so I can't say when I
could put together a patch. Beware that character encoding detection is
pretty much a guessing game and the ID3 spec supporting only two character
sets don't mean a thing in the real world.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/46800#comment:2>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list