From aae4c434849db1a35708b196db00a097448dfe17 Mon Sep 17 00:00:00 2001
From: Pascal Birchler <swissspidy@git.wordpress.org>
Date: Mon, 17 Apr 2017 12:59:21 +0000
Subject: [PATCH] Fix broken audio/video functions when sanitizing ID3 data

This fixes a bug where running `wp_kses_post_deep()` on all the ID3
tag data corrupted blob data.

Fixes #40075, #40085.

Merges [40400] to the 4.7 branch.


git-svn-id: https://develop.svn.wordpress.org/branches/4.7@40460 602fd350-edb4-49c9-b593-d223f7449a82
---
 src/wp-admin/includes/media.php | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/src/wp-admin/includes/media.php b/src/wp-admin/includes/media.php
index d2f4854a2c..c4090174fa 100644
--- a/src/wp-admin/includes/media.php
+++ b/src/wp-admin/includes/media.php
@@ -2982,7 +2982,7 @@ function wp_add_id3_tag_data( &$metadata, $data ) {
 		if ( ! empty( $data[$version]['comments'] ) ) {
 			foreach ( $data[$version]['comments'] as $key => $list ) {
 				if ( 'length' !== $key && ! empty( $list ) ) {
-					$metadata[$key] = reset( $list );
+					$metadata[$key] = wp_kses_post( reset( $list ) );
 					// Fix bug in byte stream analysis.
 					if ( 'terms_of_use' === $key && 0 === strpos( $metadata[$key], 'yright notice.' ) )
 						$metadata[$key] = 'Cop' . $metadata[$key];
@@ -3072,8 +3072,6 @@ function wp_read_video_metadata( $file ) {
 
 	wp_add_id3_tag_data( $metadata, $data );
 
-	$metadata = wp_kses_post_deep( $metadata );
-
 	return $metadata;
 }
 
@@ -3119,8 +3117,6 @@ function wp_read_audio_metadata( $file ) {
 
 	wp_add_id3_tag_data( $metadata, $data );
 
-	$metadata = wp_kses_post_deep( $metadata );
-
 	return $metadata;
 }