Description: Validate video and audio metadata
Author: jeremyfelt@wordpress.org
Origin: upstream, https://core.trac.wordpress.org/changeset/40155/branches/4.1?format=diff&new=40155
Applied-Upstream: 4.7.3
Reviewed-by: Craig Small <csmall@debian.org>
Last-Update: 2017-03-15
--- a/wp-admin/includes/media.php
+++ b/wp-admin/includes/media.php
@@ -2977,6 +2977,8 @@
 
 	wp_add_id3_tag_data( $metadata, $data );
 
+	$metadata = wp_kses_post_deep( $metadata );
+
 	return $metadata;
 }
 
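Review bot: The new `wp_kses_post_deep( $metadata )` call applies the post-content allowlist, so values read from the uploaded file's tags can still carry whatever markup that policy permits, and the line has no comment naming the trust boundary it guards. These fields look like plain-text labels (inferred from the `wp_add_id3_tag_data()` name; the consumers are not visible here), so any template that prints them into an attribute or script context still needs its own escaping, and a strip-all policy may be the better fit if no markup is intended. I would add a comment above the call such as `// Tag data comes from the uploaded file: filter it before it is stored or displayed; output must still be escaped for its context.` The filter also runs over every scalar, so numeric entries may come back as strings if `wp_kses_post()` returns strings, which is worth confirming against callers that compare them strictly. The same applies to the identical addition in the second hunk of this file; both function bodies start outside their hunks.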
@@ -3016,5 +3018,7 @@
 
 	wp_add_id3_tag_data( $metadata, $data );
 
+	$metadata = wp_kses_post_deep( $metadata );
+
 	return $metadata;
 }
--- a/wp-includes/kses.php
+++ b/wp-includes/kses.php
@@ -1558,6 +1558,21 @@
 }
 
 /**
+ * Navigates through an array, object, or scalar, and sanitizes content for
+ * allowed HTML tags for post content.
+ *
+ * @since 4.4.2
+ *
+ * @see map_deep()
+ *
+ * @param mixed $data The array, object, or scalar value to inspect.
+ * @return mixed The filtered content.
+ */
+function wp_kses_post_deep( $data ) {
+        return map_deep( $data, 'wp_kses_post' );
+}
+
+/**
  * Strips all of the HTML in the content.
  *
  * @since 2.1.0
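Review bot: The body of `wp_kses_post_deep()` is indented with eight spaces, while every other added line in this patch uses tabs; it should be `return map_deep( $data, 'wp_kses_post' );` indented with a single tab. The docblock says "sanitizes content" without stating that object arguments are handed to `map_deep()`, whose object branch assigns back onto the same instance, so a caller passing an object gets it modified rather than a filtered copy. A line such as `Objects are filtered in place; arrays and scalars are returned as new values.` would make that contract explicit.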
--- a/wp-includes/formatting.php
+++ b/wp-includes/formatting.php
@@ -3533,6 +3533,34 @@
 }
 
 /**
+ * Maps a function to all non-iterable elements of an array or an object.
+ *
+ * This is similar to `array_walk_recursive()` but acts upon objects too.
+ *
+ * @since 4.4.0
+ *
+ * @param mixed    $value    The array, object, or scalar.
+ * @param callable $callback The function to map onto $value.
+ * @return mixed The value with the callback applied to all non-arrays and non-objects inside it.
+ */
+function map_deep( $value, $callback ) {
+	if ( is_array( $value ) ) {
+		foreach ( $value as $index => $item ) {
+			$value[ $index ] = map_deep( $item, $callback );
+		}
+	} elseif ( is_object( $value ) ) {
+		$object_vars = get_object_vars( $value );
+		foreach ( $object_vars as $property_name => $property_value ) {
+			$value->$property_name = map_deep( $property_value, $callback );
+		}
+	} else {
+		$value = call_user_func( $callback, $value );
+	}
+
+	return $value;
+}
+
+/**
  * Parses a string into variables to be stored in an array.
  *
  * Uses {@link http://www.php.net/parse_str parse_str()} and stripslashes if
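Review bot: The object branch of `map_deep()` writes results back with `$value->$property_name = map_deep( ... )`, which changes the caller's object in place, whereas the array branch works on a copy; the docblock does not mention this. `get_object_vars()` called from this scope returns only the properties accessible here, so non-public properties pass through without the callback being applied, and array keys and property names are never given to the callback either; both matter when the callback is a sanitizer. There is also no guard against an object graph that references itself, which would recurse without end. I would extend the docblock with `Objects are modified in place; only accessible properties are visited, and keys are left untouched.` and consider a depth limit if callers can pass arbitrary objects.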
