From fd0b614054a627d8b88e3b231d5c0119f131ce89 Mon Sep 17 00:00:00 2001
From: csteipp
Date: Mon, 27 Jan 2014 12:57:33 -0800
Subject: [PATCH] SECURITY: Escape all shell arguments
Ensure all shell arguments are escaped individually. This relies on Ica8e37d1c1bea3b68c0165109aa7b9330fe9128a.
Bug: 60339
---
 PdfHandler_body.php | 28 ++++++++++++++++++++++------
 1 file changed, 22 insertions(+), 6 deletions(-)
diff --git a/PdfHandler_body.php b/PdfHandler_body.php
index 62578b8..495f3bb 100644
--- a/PdfHandler_body.php
+++ b/PdfHandler_body.php
@@ -167,12 +167,28 @@ class PdfHandler extends ImageHandler {
 $srcPath = $image->getLocalRefPath();
- $cmd = '(' . wfEscapeShellArg( $wgPdfProcessor );
- $cmd .= " -sDEVICE=jpeg -sOutputFile=- -dFirstPage={$page} -dLastPage={$page}";
- $cmd .= " -r{$wgPdfHandlerDpi} -dBATCH -dNOPAUSE -q ". wfEscapeShellArg( $srcPath );
- $cmd .= " | " . wfEscapeShellArg( $wgPdfPostProcessor );
- $cmd .= " -depth 8 -resize {$width} - ";
- $cmd .= wfEscapeShellArg( $dstPath ) . ")";
+ $cmd = '(' . wfEscapeShellArg(
+ $wgPdfProcessor,
+ "-sDEVICE=jpeg",
+ "-sOutputFile=-",
+ "-dFirstPage={$page}",
+ "-dLastPage={$page}",
+ "-r{$wgPdfHandlerDpi}",
+ "-dBATCH",
+ "-dNOPAUSE",
+ "-q",
+ $srcPath
+ );
+ $cmd .= " | " . wfEscapeShellArg(
+ $wgPdfPostProcessor,
+ "-depth",
+ "8",
+ "-resize",
+ $width,
+ "-",
+ $dstPath
+ );
+ $cmd .= ")";
 wfProfileIn( 'PdfHandler' );
 wfDebug( __METHOD__ . ": $cmd\n" );
-- 
1.8.4
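Review bot: Quoting each argument stops shell metacharacters, but it does not constrain how the two programs interpret the values: `$page`, `$wgPdfHandlerDpi` and `$width` still reach the command line as received, and `$srcPath`/`$dstPath` are positional arguments that would be parsed as options if they ever began with `-`. Whether these values are validated earlier in the method cannot be seen here, because the function body starts and ends outside the hunk. If they are not guaranteed to be integers at this point, casting where the argument is built makes that explicit, e.g. `"-dFirstPage=" . intval( $page )` and `intval( $width )` after `"-resize"`. A short comment above the first call, stating that `wfEscapeShellArg()` quotes every argument separately and that this depends on the core change named in the commit message, would also help the next reader.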