开发者

Can loading and resizing an uploaded image be dangerous?

开发者 https://www.devze.com 2023-01-22 07:50 出处:网络
I have ASP.NET form with an upload control for users to post an image. On the server I load that image (using the Bitmap class) and resize it.

I have ASP.NET form with an upload control for users to post an image. On the server I load that image (using the Bitmap class) and resize it.

Is there any danger in doing that when users upload malicious or affected files or will the code just throw an exception 开发者_如何学JAVAat some point and stop the whole process?


Best hacker can hope for is using Buffer Overflow exploit, then he's writing malicious code to the server memory. However from what I've read, such thing can happen only when using unsafe code, and since Bitmap is totally managed I'm pretty sure it's safe to use it.

However, really clever hacker can trick the Bitmap and create "custom" picture file that will be perfectly valid picture, but will also contain "hitchhiker" code that might cause damage when viewed in browser, using some future exploit. So safest way is to save the Bitmap itself to disk instead of the raw uploaded file, meaning use the bitmap.Save method instead of the SaveAs method of HttpPostedFile. This way any extra code will be omitted, as the Bitmap won't load it and your visitors will be safe.

By the way, you can store the uploaded files outside the website root folder, and create "proxy" file to read it from the folder: this way users won't be able to browse directly to the images, they'll have to use the proxy file. This is useful if you'll add permissions mechanism at some point, e.g. user A should not be able to see what user B uploaded.


I would:

Make sure the uploaded file is definitely an image so that people cannot upload arbitrary stuff - but you probably have that covered with he Bitmap class.

Rename the file once uploaded so someone uploading does not know the filename they have created.

Make sure the upload directory has minimal permissions.

Make sure the contents of the upload directory cannot be viewed in a browser.

0

精彩评论

暂无评论...
验证码 换一张
取 消