图像消毒库 [英] Image sanitization library

问题描述

我有一个网站，显示用户提交的图像.我很担心 一些明智的人上传图片，可能会利用某个图片中的0天漏洞 浏览器渲染引擎.此外，我想清除元数据的图像 (例如EXIF数据)，并尝试以无损方式进一步压缩它们 (有几种针对PNG和JPEG的命令行实用程序.)

I have a website that displays images submitted by users. I am concerned about some wiseguy uploading an image which may exploit some 0-day vulnerability in a browser rendering engine. Moreover, I would like to purge images of metadata (like EXIF data), and attempt to compress them further in a lossless manner (there are several such command line utilities for PNG and JPEG).

考虑到以上几点，我的问题如下:是否有一些C/C ++ 图书馆可以满足上述情况?即使 解析->清除->消毒->压缩->编写的完整管道 在任何单个库中均不可用，我至少可以实现 解析->清除->清理->编写管道(不压缩) 支持JPEG/PNG/GIF的库吗?

With the above in mind, my question is as follows: is there some C/C++ library out there that caters to the above scenario? And even if the full pipeline of parsing -> purging -> sanitizing -> compressing -> writing is not available in any single library, can I at least implement the parsing -> purging -> sanitizing -> writing pipeline (without compressing) in a library that supports JPEG/PNG/GIF?

推荐答案

您的要求无法满足:如果您使用的其中一个图像读取库中存在0天漏洞，则您的代码在被利用时可能会被利用尝试解析和清理传入的文件.通过在收到图像后立即进行预先消毒"，您可以早点而不是晚一点地利用漏洞.

Your requirement is impossible to fulfill: if there is a 0-day vulnerability in one of the image reading libraries you use, then your code may be exploitable when it tries to parse and sanitize the incoming file. By "presanitizing" as soon as the image is received, you'd just be moving the point of exploitation earlier rather than later.

唯一有用的是解析和清理沙箱中的传入图像，以便至少在存在漏洞的情况下将其包含在沙箱中.沙箱可以是一个独立的进程，可以在chroot环境(或VM，对于偏执狂)中以非特权用户身份运行，其接口仅由字节流输入，经过清理的映像组成.

The only thing that would help is to parse and sanitize incoming images in a sandbox, so that, at least, if there was a vulnerability, it would be contained to the sandbox. The sandbox could be a separate process running as an unprivileged user in a chroot environment (or VM, for the very paranoid), with an interface consisting only of bytestream in, sanitized image out.

清理本身就像使用 ImageMagick 打开图像并将其解码一样简单到光栅，然后以标准格式(例如PNG或JPEG)重新编码和发射它们.请注意，如果输入和输出都是有损格式(如JPEG)，则此转换将是有损的.

The sanitization itself could be as simple as opening the image with ImageMagick, decoding it to a raster, and reencoding and emitting them in a standard format (say, PNG or JPEG). Note that if the input and output are both lossy formats (like JPEG) then this transformation will be lossy.

这篇关于图像消毒库的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！