
XMPReader::checkParseSafely requires allow_url_fopen to be set enabled
Open, LowPublic

Description

XMP parsing tests fail with allow_url_fopen disabled:

To reproduce within the library XMPReader:

git clone https://gerrit.wikimedia.org/r/mediawiki/libs/XMPReader.git
cd XMPReader
composer install
php vendor/bin/phpunit # succeeds
php -d allow_url_fopen=0 vendor/bin/phpunit # fails

Sample failures in MediaWiki tests:

Using PHPUnit from /usr/share/php/phpunit/phpunit.phar
PHPUnit 4.3.1 by Sebastian Bergmann.

Configuration read from /usr/home/saper/public_html/ybabel/tests/phpunit/suite.xml

F.....F........................................................ 63 / 267 ( 23%)
.....................F.F........F.............................. 126 / 267 ( 47%)
...............................F.F............................. 189 / 267 ( 70%)
..................................FFFFFFFFFF.FFFFFFFF.RFFFF.... 252 / 267 ( 94%)
................

Time: 5.83 seconds, Memory: 51.75Mb

There were 29 failures:

1) BitmapMetadataHandlerTest::testMultilingualCascade
'right(iptc)' does not match expected type "array".

/usr/home/saper/public_html/ybabel/tests/phpunit/includes/media/BitmapMetadataHandlerTest.php:43
/usr/home/saper/public_html/ybabel/tests/phpunit/MediaWikiTestCase.php:137

2) BitmapMetadataHandlerTest::testPNGXMP
Failed asserting that two arrays are equal.
--- Expected
+++ Actual
@@ @@
 Array (
 'frameCount' => 0
 'loopCount' => 1
- 'duration' => 0
+ 'duration' => 0.0
 'bitDepth' => 1
 'colorType' => 'index-coloured'
 'metadata' => Array (
- 'SerialNumber' => '123456789'
 '_MW_PNG_VERSION' => 1
 )
 )

/usr/home/saper/public_html/ybabel/tests/phpunit/includes/media/BitmapMetadataHandlerTest.php:146
/usr/home/saper/public_html/ybabel/tests/phpunit/MediaWikiTestCase.php:137

3) GIFHandlerTest::testGetMetadata with data set #1 ('animated-xmp.gif', 'a:4:{s:10:"frameCount";i:4;s:6:"looped";b:1;s:8:"duration";d:2.399999999999999911182158029987476766109466552734375;s:8:"metadata";a:5:{s:6:"Artist";s:7:"Bawolff";s:16:"ImageDescription";a:2:{s:9:"x-default";s:18:"A file to test GIF";s:5:"_type";s:4:"lang";}s:15:"SublocationDest";s:13:"The interwebs";s:14:"GIFFileComment";a:1:{i:0;s:16:"GIƒ·test·file";}s:15:"_MW_GIF_VERSION";i:1;}}')
Failed asserting that two arrays are equal.
--- Expected
+++ Actual
@@ @@
 Array (
 'frameCount' => 4
 'looped' => true
 'duration' => 2.4
 'metadata' => Array (
- 'Artist' => 'Bawolff'
- 'ImageDescription' => Array (...)
- 'SublocationDest' => 'The interwebs'
 'GIFFileComment' => Array (...)
 '_MW_GIF_VERSION' => 1
 )
 )

/usr/home/saper/public_html/ybabel/tests/phpunit/includes/media/GIFTest.php:95
/usr/home/saper/public_html/ybabel/tests/phpunit/MediaWikiTestCase.php:137

4) GIFHandlerTest::testGetIndependentMetaArray with data set #1 ('animated-xmp.gif', array('Bawolff', array('A file to test GIF', 'lang'), 'The interwebs', array('GIƒ·test·file')))
Failed asserting that two arrays are equal.
--- Expected
+++ Actual
@@ @@
 Array (
- 'Artist' => 'Bawolff'
- 'ImageDescription' => Array (...)
- 'SublocationDest' => 'The interwebs'
 'GIFFileComment' => Array (...)
 )

/usr/home/saper/public_html/ybabel/tests/phpunit/includes/media/GIFTest.php:116
/usr/home/saper/public_html/ybabel/tests/phpunit/MediaWikiTestCase.php:137

5) <-- not relevant here -->

6) PNGHandlerTest::testGetMetadata with data set #1 ('xmp.png', 'a:6:{s:10:"frameCount";i:0;s:9:"loopCount";i:1;s:8:"duration";d:0;s:8:"bitDepth";i:1;s:9:"colorType";s:14:"index-coloured";s:8:"metadata";a:2:{s:12:"SerialNumber";s:9:"123456789";s:15:"_MW_PNG_VERSION";i:1;}}')
Failed asserting that two strings are equal.
--- Expected
+++ Actual
@@ @@
-'a:6:{s:10:"frameCount";i:0;s:9:"loopCount";i:1;s:8:"duration";d:0;s:8:"bitDepth";i:1;s:9:"colorType";s:14:"index-coloured";s:8:"metadata";a:2:{s:12:"SerialNumber";s:9:"123456789";s:15:"_MW_PNG_VERSION";i:1;}}'
+'a:6:{s:10:"frameCount";i:0;s:9:"loopCount";i:1;s:8:"duration";d:0;s:8:"bitDepth";i:1;s:9:"colorType";s:14:"index-coloured";s:8:"metadata";a:1:{s:15:"_MW_PNG_VERSION";i:1;}}'

/usr/home/saper/public_html/ybabel/tests/phpunit/includes/media/PNGTest.php:97
/usr/home/saper/public_html/ybabel/tests/phpunit/MediaWikiTestCase.php:137

7) PNGHandlerTest::testGetIndependentMetaArray with data set #1 ('xmp.png', array('123456789'))
Failed asserting that two arrays are equal.
--- Expected
+++ Actual
@@ @@
 Array (
- 'SerialNumber' => '123456789'
 )

/usr/home/saper/public_html/ybabel/tests/phpunit/includes/media/PNGTest.php:118
/usr/home/saper/public_html/ybabel/tests/phpunit/MediaWikiTestCase.php:137

8) XMPTest::testXMPParse with data set #0 ('<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core
 4.1.3-c001 49.282696, Mon Apr 02 2007 21:16:10 ">
<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<rdf:Description
 rdf:about=""
 xmlns:exif="http://ns.adobe.com/exif/1.0/"
 exif:DigitalZoomRatio="0/10">
<exif:Flash rdf:parseType=\'Resource\'>
<exif:Fired>True</exif:Fired> <exif:Return>0</exif:Return> <exif:Mode>1</exif:Mode> <exif:Function>False</exif:Function> <exif:RedEyeMode>False</exif:RedEyeMode></exif:Flash> </rdf:Description> </rdf:RDF> </x:xmpmeta>

<?xpacket end="w"?>
', array(array('0/10', '9')), '[1.xmp] parseType=Resource test')
[1.xmp] parseType=Resource test
Failed asserting that two arrays are equal.
--- Expected
+++ Actual
@@ @@
 Array (
- 'xmp-exif' => Array (...)
 )

/usr/home/saper/public_html/ybabel/tests/phpunit/includes/media/XMPTest.php:32
/usr/home/saper/public_html/ybabel/tests/phpunit/MediaWikiTestCase.php:137

9) XMPTest::testXMPParse with data set #1 ('<?xpacket begin="" id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core
 4.1.3-c001 49.282696, Mon Apr 02 2007 21:16:10 ">
<rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#">
<rdf:Description
 rdf:about=""
 xmlns:exif="http://ns.adobe.com/exif/1.0/"
 exif:DigitalZoomRatio="0/10">
<exif:Flash>
<rdf:Description exif:Return="0">
<exif:Fired>True</exif:Fired> <exif:Mode>1</exif:Mode> <exif:Function>False</exif:Function> <exif:RedEyeMode>False</exif:RedEyeMode></rdf:Description></exif:Flash> </rdf:Description> </rdf:RDF> </x:xmpmeta>

<?xpacket end="w"?>
', array(array('0/10', '9')), '[2.xmp] Structure with mixed attribute and element props')
[2.xmp] Structure with mixed attribute and element props
Failed asserting that two arrays are equal.
--- Expected
+++ Actual
@@ @@
 Array (
- 'xmp-exif' => Array (...)
 )

/usr/home/saper/public_html/ybabel/tests/phpunit/includes/media/XMPTest.php:32
/usr/home/saper/public_html/ybabel/tests/phpunit/MediaWikiTestCase.php:137


...

Event Timeline

saper created this task. Oct 26 2015, 11:52 PM
saper raised the priority of this task from to Needs Triage.
saper updated the task description.
saper added subscribers: saper, csteipp.
Restricted Application added a subscriber: Aklapper. Oct 26 2015, 11:52 PM
saper triaged this task as Low priority. Oct 26 2015, 11:53 PM
saper set Security to None.

huh. It really shouldn't need that.

Confirmed. Tests fail without allow_url_fopen.

The logging of errors seems to get thrown away in the unit tests. Actual error is:

XMLReader::open(): data:// wrapper is disabled in the server configuration by allow_url_fopen=0

Which is used as part of our security check added in 15ce698afc0bb3ab562179

Seb35 added a subscriber: Seb35. Sep 24 2018, 11:55 AM

The faulty code is exactly in Reader::checkParseSafety, with the function XMLReader::open(). The tests work when it is replaced by the function XMLReader::xml(), although there is specifically a comment warning against doing that for security reasons.

To possibly solve this issue, it should be checked whether the security issues described in T85848 are still issues in supported versions of PHP and HHVM, and in Wikimedia production.

If it is not possible to do this change, the failing tests should be skipped if ini_get( 'allow_url_fopen' ) === '0' in order to go further in T116704.
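Added example (not code from XMPReader or MediaWiki): a probe for the exact failure mode this task describes, XMLReader::open() refusing a data: URI when allow_url_fopen is off, together with the test-skip guard suggested in the comment above. The helper name `dataWrapperUsable` is hypothetical; it also handles the case where ini_get() reports "Off" as an empty string rather than '0'.

```php
<?php
declare( strict_types = 1 );

/**
 * Return true if XMLReader::open() can read a data: URI in this process,
 * i.e. the data:// stream wrapper is usable. PHP gates that wrapper on
 * allow_url_fopen, which is the setting this task is about.
 */
function dataWrapperUsable(): bool {
	// ini_get() returns "1" for On, but "" or "0" for Off, so a plain
	// === '0' comparison misses php.ini files that use "Off".
	if ( !filter_var( ini_get( 'allow_url_fopen' ), FILTER_VALIDATE_BOOLEAN ) ) {
		return false;
	}
	// Constructed minimal document; any well-formed XML would do here.
	$uri = 'data://text/plain;base64,' . base64_encode( '<x/>' );
	$reader = new XMLReader();
	// open() emits a warning and returns false when the wrapper is disabled;
	// the warning is suppressed because the return value is the signal.
	$ok = @$reader->open( $uri );
	if ( $ok ) {
		$reader->close();
	}
	return $ok;
}

/**
 * Guard for a PHPUnit test that exercises the checkParseSafety() path.
 * Call at the top of the test method (inside a TestCase subclass).
 */
function skipUnlessDataWrapperUsable( PHPUnit\Framework\TestCase $test ): void {
	if ( !dataWrapperUsable() ) {
		$test->markTestSkipped(
			'XMPReader safety check needs the data:// wrapper (allow_url_fopen=1)'
		);
	}
}

// Stand-alone run: report the environment instead of failing.
echo dataWrapperUsable()
	? "data:// wrapper usable; XMPReader safety check can run\n"
	: "data:// wrapper disabled (allow_url_fopen off); tests would fail\n";
```

Running this under `php -d allow_url_fopen=0` reproduces the condition from the task description without needing the full test suite.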

Seb35 updated the task description. Sep 24 2018, 11:58 AM
TheDJ added a subscriber: TheDJ. Aug 22 2019, 1:34 PM