编程语言
首页 > 编程语言> > php – 如何使用ImageMagick防止图像炸弹?

php – 如何使用ImageMagick防止图像炸弹?

作者:互联网

我目前在PHP上使用Imagick库并使用Image Magick的调整大小功能.我刚刚了解了减压炸弹以及ImageMagick如何容易受到攻击.

我已经检查了如何ping图像并验证图像的尺寸,而不实际将其加载到内存/磁盘中.限制ImageMagick的内存和磁盘限制也更安全,因此它不会只在磁盘上写入一个巨大的文件.

我已经阅读过,我可以用setResourceLimit()来做到这一点.
http://php.net/manual/en/imagick.setresourcelimit.php

IMagick::setResourceLimit(IMagick::RESOURCETYPE_MEMORY , 100);
IMagick::setResourceLimit(IMagick::RESOURCETYPE_DISK , 100);

$thumb = new Imagick('image.png');
$thumb->resizeImage(320,240,Imagick::FILTER_LANCZOS,1);

但是,在设置磁盘和内存限制后,如果图像达到此限制,我得到的只是一个分段错误错误,不会抛出任何异常.这使我无法正确处理它.

更新:

以下是我正在使用的软件包版本:

dpkg -l | grep magick
ii  imagemagick-common                    8:6.6.9.7-5ubuntu3.3              image manipulation programs -- infrastructure
ii  libmagickcore4                        8:6.6.9.7-5ubuntu3.3              low-level image manipulation library
ii  libmagickwand4                        8:6.6.9.7-5ubuntu3.3              image manipulation library
ii  php5-imagick                          3.1.0~rc1-1                       ImageMagick module for php5

解决方法:

设置“资源区域”限制仅设置图像未保留在内存中的大小,而是设置为磁盘.如果要使用该设置实际限制可以打开的最大大小图像,还需要设置“资源磁盘”限制.

下面的代码正确地给出了from here拍摄的图像炸弹的内存分配错误.

try {
    Imagick::setResourceLimit(Imagick::RESOURCETYPE_AREA, 2000 * 2000);
    Imagick::setResourceLimit(Imagick::RESOURCETYPE_DISK, 2000 * 2000);

    $imagick = new Imagick("./picture-100M-6000x6000.png");
    $imagick->modulateImage(100, 50, 120);
    $imagick->writeImage("./output.png");

    echo "Complete";
}
catch(\Exception $e) {
    echo "Exception: ".$e->getMessage()."\n";
}

输出是:

Exception: Memory allocation failed `./picture-100M-6000×6000.png’ @ error/png.c/MagickPNGErrorHandler/1630

如果要设置宽度和高度资源,并且具有ImageMagick> = 6.9.0-1的版本,则应该能够直接使用WidthResource = 9的值,HeightResource = 10

//Set max image width of 2000
Imagick::setResourceLimit(9, 2000);
//Set max image height of 1000
Imagick::setResourceLimit(10, 1000);

这些不必以编程方式设置,您可以通过随ImageMagick安装的policy.xml文件进行设置.如果没有在程序中设置,ImageMagick会读取该文件并使用这些设置 – 这可能是更方便的设置方式,因为您可以在每台机器上更改它们.

This makes it impossible for me to handle it properly.

它使您无法在同一过程中处理它.您可以通过在后台任务中运行图像处理来处理它.

我个人认为无论如何,在Web浏览器直接访问的服务器中使用Imagick是疯了.将它作为后台任务(由http://supervisord.org/管理)运行并通过需要处理的作业队列与后台任务进行通信更安全.

这不仅解决了“坏图像可能导致网站崩溃”的问题,而且还可以更轻松地监控资源使用情况,或者将图像处理转移到CPU比CPU前端服务器需要的速度更快的机器上.

来源 – 我是Imagick扩展的维护者,我最近将其添加到了Imagick自述文件中:

Security

The PHP extension Imagick works by calling the ImageMagick library.
Although the ImageMagick developers take good care in avoiding bugs it
is inevitable that some bugs will be present in the code. ImageMagick
also uses a lot of third party libraries to open, read and manipulate
files. The writers of these libraries also take care when writing
their code. However everyone makes mistakes and there will inevitably
be some bugs present.

Because ImageMagick is used to process images it is feasibly possible
for hackers to create images that contain invalid data to attempt to
exploit these bugs. Because of this we recommend the following:

1) Do not run Imagick in a server that is directly accessible from
outside your network. It is better to either use it as a background
task using something like SupervisorD or to run it in a separate
server that is not directly access on the internet.

Doing this will make it difficult for hackers to exploit a bug, even
if one should exist in the libraries that ImageMagick is using.

2) Run it as a very low privileged process. As much as possible the
files and system resources accessible to the PHP script that Imagick
is being called from should be locked down.

3) Check the result of the image processing is a valid image file
before displaying it to the user. In the extremely unlikely event that
a hacker is able to pipe arbitrary files to the output of Imagick,
checking that it is an image file, and not the source code of your
application that is being sent, is a sensible precaution.

标签:imagick,php,image-resizing,imagemagick,imagemagick-identify
来源: https://codeday.me/bug/20190722/1504465.html