加载和调整上传图像的大小会危险吗?

发布于 2024-09-29 17:19:38 字数 129 浏览 7 评论 0原文

我有 ASP.NET 表单,带有上传控件,供用户发布图像。在服务器上,我加载该图像(使用 Bitmap 类)并调整其大小。

当用户上传恶意或受影响的文件时,这样做是否存在任何危险,或者代码是否会在某个时刻抛出异常并停止整个过程?

I have ASP.NET form with an upload control for users to post an image. On the server I load that image (using the Bitmap class) and resize it.

Is there any danger in doing that when users upload malicious or affected files or will the code just throw an exception at some point and stop the whole process?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

蓬勃野心 2024-10-06 17:19:38

黑客最希望的就是利用缓冲区溢出漏洞,然后将恶意代码写入服务器内存。然而,根据我所读到的内容,只有在使用不安全代码时才会发生这种情况,并且由于 Bitmap 是完全托管的,所以我很确定使用它是安全的。

然而,真正聪明的黑客可以欺骗位图并创建“自定义”图片文件,该文件将是完全有效的图片,但也包含“搭便车”代码,当在浏览器中查看时,使用一些未来的漏洞可能会造成损坏。因此最安全的方法是将位图本身保存到磁盘而不是原始上传的文件,这意味着使用 bitmap.Save 方法而不是 HttpPostedFile 的 SaveAs 方法。这样,任何额外的代码都将被省略,因为位图不会加载它,并且您的访问者将是安全的。

顺便说一句,您可以将上传的文件存储在网站根文件夹之外,并创建“代理”文件以从该文件夹中读取它:这样用户将无法直接浏览到图像,他们必须使用代理文件。如果您要在某个时刻添加权限机制(例如,用户 A 不应该看到用户 B 上传的内容),这会很有用。

Best hacker can hope for is using Buffer Overflow exploit, then he's writing malicious code to the server memory. However from what I've read, such thing can happen only when using unsafe code, and since Bitmap is totally managed I'm pretty sure it's safe to use it.

However, really clever hacker can trick the Bitmap and create "custom" picture file that will be perfectly valid picture, but will also contain "hitchhiker" code that might cause damage when viewed in browser, using some future exploit. So safest way is to save the Bitmap itself to disk instead of the raw uploaded file, meaning use the bitmap.Save method instead of the SaveAs method of HttpPostedFile. This way any extra code will be omitted, as the Bitmap won't load it and your visitors will be safe.

By the way, you can store the uploaded files outside the website root folder, and create "proxy" file to read it from the folder: this way users won't be able to browse directly to the images, they'll have to use the proxy file. This is useful if you'll add permissions mechanism at some point, e.g. user A should not be able to see what user B uploaded.

千と千尋 2024-10-06 17:19:38

我会:

确保上传的文件绝对是一个图像,这样人们就不能上传任意的东西 - 但你可能已经用 Bitmap 类覆盖了它。

上传后重命名文件,这样上传的人就不会知道他们创建的文件名。

确保上传目录具有最小权限。

确保上传目录的内容无法在浏览器中查看。

I would:

Make sure the uploaded file is definitely an image so that people cannot upload arbitrary stuff - but you probably have that covered with he Bitmap class.

Rename the file once uploaded so someone uploading does not know the filename they have created.

Make sure the upload directory has minimal permissions.

Make sure the contents of the upload directory cannot be viewed in a browser.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文