add setBlock() and setBlockUntrusted()

Author: jcupitt

CHANGELOG.md

@@ -5,6 +5,7 @@ All notable changes to `php-vips` will be documented in this file.
 ## master
 
 - better ffi startup diagnostics [ping-localhost]
+- add setBlock() and setBlockUntrusted() to control operation blocking [jcupitt]
 
 ## 2.6.1 - 2025-12-10
 

src/Config.php

@@ -138,6 +138,53 @@ public static function concurrencySet(int $value): void
         FFI::vips()->vips_concurrency_set($value);
     }
 
+    /**
+     * Set the block state on all operations in the libvips class hierarchy at
+     * name and below.
+     *
+     * For example:
+     *
+     * ```php
+     * Vips\Config::setBlockUntrusted(true);
+     * Vips\Config::setBlock("VipsForeignLoadSvg", false);
+     * ```
+     *
+     * Will block all untrusted loaders, but allow SVG.
+     *
+     * @param string $name The name of the class to block.
+     * @param bool $state The block state to set.
+     *
+     * @return void
+     */
+    public static function setBlock(string $name, bool $state): void
+    {
+        if (FFI::atLeast(8, 13)) {
+            FFI::vips()->vips_operation_block_set($name, $state);
+        }
+    }
+
+    /**
+     * Set the block state on all untrusted operations.
+     *
+     * For example:
+     *
+     * ```php
+     * Vips\Config::setBlockUntrusted(true);
+     * ```
+     *
+     * Will prevent all untrusted loaders from running.
+     *
+     * @param bool $state The block state to set.
+     *
+     * @return void
+     */
+    public static function setBlockUntrusted(bool $state): void
+    {
+        if (FFI::atLeast(8, 13)) {
+            FFI::vips()->vips_block_untrusted_set($state);
+        }
+    }
+
     /**
      * Gets the libvips version number as a string of the form
      * MAJOR.MINOR.MICRO, for example "8.6.1".

src/FFI.php

@@ -791,6 +791,14 @@ private static function init(): void
 
 const char* vips_foreign_find_load_source (VipsSource *source);
 const char* vips_foreign_find_save_target (const char* suffix);
+CPP;
+        }
+
+        if (self::atLeast(8, 13)) {
+            $vips_decls = $vips_decls . <<<'CPP'
+void vips_block_untrusted_set(int state);
+void vips_operation_block_set(const char *name, int state);
+
 CPP;
         }
 

tests/ConfigTest.php

@@ -34,6 +34,56 @@ public function testVipsVersion()
         $version = Vips\Config::version();
         $this->assertEquals(preg_match("/\d+\.\d+\.\d+/", $version), 1);
     }
+
+    public function testPpmLoadBuffer()
+    {
+        $ppm = "P3
+1 1
+255
+0 0 0 
+";
+
+        // the PPM loader is built in and should be available in most 
+        // libvips binaries
+        $image = Vips\Image::ppmload_buffer($ppm);
+        $this->assertTrue($image->width == 1);
+    }
+
+    public function testBlockUntrusted()
+    {
+        $ppm = "P3
+1 1
+255
+0 0 0 
+";
+
+        if (Vips\FFI::atLeast(8, 13)) {
+            Vips\Config::setBlockUntrusted(true);
+
+            // should fail
+            $this->expectException(Vips\Exception::class);
+            $image = Vips\Image::ppmload_buffer($ppm);
+            $this->assertTrue($image->width == 1);
+        }
+    }
+
+    public function testBlock()
+    {
+        $ppm = "P3
+1 1
+255
+0 0 0 
+";
+
+        if (Vips\FFI::atLeast(8, 13)) {
+            Vips\Config::setBlockUntrusted(true);
+            Vips\Config::setBlock("VipsForeignLoadPpm", false);
+
+            // should work
+            $image = Vips\Image::ppmload_buffer($ppm);
+            $this->assertTrue($image->width == 1);
+        }
+    }
 }
 
 /*