From 9a9cdb3536bba43392f2fd2705b53b29837d1b91 Mon Sep 17 00:00:00 2001
From: csteipp <csteipp@wikimedia.org>
Date: Thu, 12 Mar 2015 17:07:34 -0700
Subject: [PATCH] SECURITY: Use XMLReader for MimeMagic check

Use XmlReaderTypeCheck during the MimeMagic parse, which does more sane
entity expansion.

Bug: T85848
Change-Id: I2c119d4ef2a612855fe74355e8c0061959961856
---
 includes/MimeMagic.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/includes/MimeMagic.php b/includes/MimeMagic.php
index ebe98a3..6ca950e 100644
--- a/includes/MimeMagic.php
+++ b/includes/MimeMagic.php
@@ -724,7 +724,7 @@ class MimeMagic {
 		/**
 		 * look for XML formats (XHTML and SVG)
 		 */
-		$xml = new XmlTypeCheck( $file );
+		$xml = new XmlReaderTypeCheck( $file );
 		if ( $xml->wellFormed ) {
 			$xmlMimeTypes = $this->mConfig->get( 'XMLMimeTypes' );
 			if ( isset( $xmlMimeTypes[$xml->getRootElement()] ) ) {
-- 
1.8.4.5