Jump to content

ImageMagick vulnerability


Pierre-Luc
 Share

Recommended Posts

We already check for correct filetypes (imageformats) before processing images. We use PHPs function getimagesize(), what internally uses this magic-byte-check for format detection, I assume. But will check this further. :)

EDIT: Yes they do: https://github.com/php/php-src/blob/1c295d4a9ac78fcc2f77d6695987598bb7abcb83/ext/standard/image.c#L41

https://github.com/php/php-src/blob/1c295d4a9ac78fcc2f77d6695987598bb7abcb83/ext/standard/image.c#L1246

Edited by horst
  • Like 6
Link to comment
Share on other sites

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...