Beefy Boxes and Bandwidth Generously Provided by pair Networks
Pathologically Eclectic Rubbish Lister
 
PerlMonks  

Re: security: making sure graphics uploaded by users are safe

by CountZero (Bishop)
on Sep 30, 2009 at 06:13 UTC ( [id://798241]=note: print w/replies, xml ) Need Help??


in reply to security: making sure graphics uploaded by users are safe

A good trick might be to randomly change the size, the format or the resolution of the image a few times (of course ending up with the original size and resolution or with a standard size, format and resolution). This is likely to seriously scramble the contents of the file and break any embedded code.

Especially if you use a "lossy" format such as jpeg the chances of anything hidden in the file to survive will be low.

Unfortunately it will also reduce the quality of the image, but nowadays, most images have too high a resolution for webpages anyhow and reducing this to a mofre reasonable resolution will also serve the purpose of "destroying" any unwanted payload in the file.

CountZero

A program should be light and agile, its subroutines connected like a string of pearls. The spirit and intent of the program should be retained throughout. There should be neither too little or too much, neither needless loops nor useless variables, neither lack of structure nor overwhelming rigidity." - The Tao of Programming, 4.1 - Geoffrey James

  • Comment on Re: security: making sure graphics uploaded by users are safe

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://798241]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others chanting in the Monastery: (4)
As of 2024-04-20 02:42 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found