Mathis/sharp
1
0
Fork 0
mirror of https://github.com/lovell/sharp.git synced 2025-07-09 10:30:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

Guard against InitImage failure #150

Browse Source 
Protects against truncated image headers
This commit is contained in:
Lovell Fuller 2015-01-20 10:38:44 +00:00
parent 35c53f78c8
commit c93f79daa7
7 changed files with 52 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package.json
View File

@ -15,7 +15,7 @@
], ],
"description": "High performance Node.js module to resize JPEG, PNG, WebP and TIFF images using the libvips library", "description": "High performance Node.js module to resize JPEG, PNG, WebP and TIFF images using the libvips library",
"scripts": { "scripts": {
"test": "node ./node_modules/istanbul/lib/cli.js cover ./node_modules/mocha/bin/_mocha -- --slow=5000 --timeout=10000 ./test/unit/*.js" "test": "VIPS_WARNING=0 node ./node_modules/istanbul/lib/cli.js cover ./node_modules/mocha/bin/_mocha -- --slow=5000 --timeout=10000 ./test/unit/*.js"
}, },
"main": "index.js", "main": "index.js",
"repository": { "repository": {

10
src/metadata.cc
View File

@ -62,6 +62,10 @@ class MetadataWorker : public NanAsyncWorker {
imageType = DetermineImageType(baton->bufferIn, baton->bufferInLength); imageType = DetermineImageType(baton->bufferIn, baton->bufferInLength);
if (imageType != ImageType::UNKNOWN) { if (imageType != ImageType::UNKNOWN) {
image = InitImage(imageType, baton->bufferIn, baton->bufferInLength, VIPS_ACCESS_RANDOM); image = InitImage(imageType, baton->bufferIn, baton->bufferInLength, VIPS_ACCESS_RANDOM);
if (image == NULL) {
(baton->err).append("Input buffer has corrupt header");
imageType = ImageType::UNKNOWN;
}
} else { } else {
(baton->err).append("Input buffer contains unsupported image format"); (baton->err).append("Input buffer contains unsupported image format");
} }
@ -70,8 +74,12 @@ class MetadataWorker : public NanAsyncWorker {
imageType = DetermineImageType(baton->fileIn.c_str()); imageType = DetermineImageType(baton->fileIn.c_str());
if (imageType != ImageType::UNKNOWN) { if (imageType != ImageType::UNKNOWN) {
image = InitImage(imageType, baton->fileIn.c_str(), VIPS_ACCESS_RANDOM); image = InitImage(imageType, baton->fileIn.c_str(), VIPS_ACCESS_RANDOM);
if (image == NULL) {
(baton->err).append("Input file has corrupt header");
imageType = ImageType::UNKNOWN;
}
} else { } else {
(baton->err).append("File is of an unsupported image format"); (baton->err).append("Input file is of an unsupported image format");
} }
} }
if (image != NULL && imageType != ImageType::UNKNOWN) { if (image != NULL && imageType != ImageType::UNKNOWN) {

10
src/resize.cc
View File

@ -153,6 +153,10 @@ class ResizeWorker : public NanAsyncWorker {
inputImageType = DetermineImageType(baton->bufferIn, baton->bufferInLength); inputImageType = DetermineImageType(baton->bufferIn, baton->bufferInLength);
if (inputImageType != ImageType::UNKNOWN) { if (inputImageType != ImageType::UNKNOWN) {
image = InitImage(inputImageType, baton->bufferIn, baton->bufferInLength, baton->accessMethod); image = InitImage(inputImageType, baton->bufferIn, baton->bufferInLength, baton->accessMethod);
if (image == NULL) {
(baton->err).append("Input buffer has corrupt header");
inputImageType = ImageType::UNKNOWN;
}
} else { } else {
(baton->err).append("Input buffer contains unsupported image format"); (baton->err).append("Input buffer contains unsupported image format");
} }
@ -161,8 +165,12 @@ class ResizeWorker : public NanAsyncWorker {
inputImageType = DetermineImageType(baton->fileIn.c_str()); inputImageType = DetermineImageType(baton->fileIn.c_str());
if (inputImageType != ImageType::UNKNOWN) { if (inputImageType != ImageType::UNKNOWN) {
image = InitImage(inputImageType, baton->fileIn.c_str(), baton->accessMethod); image = InitImage(inputImageType, baton->fileIn.c_str(), baton->accessMethod);
if (image == NULL) {
(baton->err).append("Input file has corrupt header");
inputImageType = ImageType::UNKNOWN;
}
} else { } else {
(baton->err).append("File is of an unsupported image format"); (baton->err).append("Input file is of an unsupported image format");
} }
} }
if (inputImageType == ImageType::UNKNOWN) { if (inputImageType == ImageType::UNKNOWN) {

BIN
test/fixtures/corrupt-header.jpg vendored Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 1.0 KiB

1
test/fixtures/index.js vendored
View File

@ -14,6 +14,7 @@ module.exports = {
inputJpgWithGammaHoliness: getPath('gamma_dalai_lama_gray.jpg'), // http://www.4p8.com/eric.brasseur/gamma.html inputJpgWithGammaHoliness: getPath('gamma_dalai_lama_gray.jpg'), // http://www.4p8.com/eric.brasseur/gamma.html
inputJpgWithCmykProfile: getPath('Channel_digital_image_CMYK_color.jpg'), // http://en.wikipedia.org/wiki/File:Channel_digital_image_CMYK_color.jpg inputJpgWithCmykProfile: getPath('Channel_digital_image_CMYK_color.jpg'), // http://en.wikipedia.org/wiki/File:Channel_digital_image_CMYK_color.jpg
inputJpgWithCmykNoProfile: getPath('Channel_digital_image_CMYK_color_no_profile.jpg'), inputJpgWithCmykNoProfile: getPath('Channel_digital_image_CMYK_color_no_profile.jpg'),
inputJpgWithCorruptHeader: getPath('corrupt-header.jpg'),
inputPng: getPath('50020484-00001.png'), // http://c.searspartsdirect.com/lis_png/PLDM/50020484-00001.png inputPng: getPath('50020484-00001.png'), // http://c.searspartsdirect.com/lis_png/PLDM/50020484-00001.png
inputPngWithTransparency: getPath('blackbug.png'), // public domain inputPngWithTransparency: getPath('blackbug.png'), // public domain

16
test/unit/io.js
View File

@ -292,6 +292,22 @@ describe('Input/output', function() {
}); });
}); });
it('File input with corrupt header fails gracefully', function(done) {
sharp(fixtures.inputJpgWithCorruptHeader)
.toBuffer(function(err) {
assert.strictEqual(true, !!err);
done();
});
});
it('Buffer input with corrupt header fails gracefully', function(done) {
sharp(fs.readFileSync(fixtures.inputJpgWithCorruptHeader))
.toBuffer(function(err) {
assert.strictEqual(true, !!err);
done();
});
});
describe('Output filename without extension uses input format', function() { describe('Output filename without extension uses input format', function() {
it('JPEG', function(done) { it('JPEG', function(done) {

16
test/unit/metadata.js
View File

@ -216,4 +216,20 @@ describe('Image metadata', function() {
}); });
}); });
it('File input with corrupt header fails gracefully', function(done) {
sharp(fixtures.inputJpgWithCorruptHeader)
.metadata(function(err) {
assert.strictEqual(true, !!err);
done();
});
});
it('Buffer input with corrupt header fails gracefully', function(done) {
sharp(fs.readFileSync(fixtures.inputJpgWithCorruptHeader))
.metadata(function(err) {
assert.strictEqual(true, !!err);
done();
});
});
}); });