This is a discussion on Check RAW data within the PHP General forums, part of the PHP Programming Forums category.

I'm getting from an external source a PNG image in raw format (encoded in
base64). And with this code I'll echo it on the screen.

------
$img=base64_decode($_POST['img']);

header("Content-type: image/png");
echo $img;
------

How can I check if the data received is a real PNG raw (and not malicious code)?

On Sun, 2008-04-20 at 15:52 +0200, rb wrote:
> I'm getting from an external source a PNG image in raw format (encoded in
> base64).
>
> And with this code I'll echo on the screen.
>
> ------
> $img=base64_decode($_POST['img']);
>
> header("Content-type: image/png");
> echo $img;
> ------

A quick way would be to try and make an image with the GD library.
Something like:

if (imagecreatefromstring($img)) {
    header("Content-type:image/png");
    echo $img;
}

> On Sun, 2008-04-20 at 15:52 +0200, rb wrote:
>> I'm getting from an external source a PNG image in raw format (encoded in
>> base64).
>>
>> And with this code I'll echo on the screen.
>>
>> ------
>> $img=base64_decode($_POST['img']);
>>
>> header("Content-type: image/png");
>> echo $img;
>> ------
>
> A quick way would be to try and make an image with the GD library.
> Something like:
> if (imagecreatefromstring($img)) {
>     header("Content-type:image/png");
>     echo $img;
> }

Perhaps check the image header matches the correct format for a PNG image.

--
Richard Heyes

+----------------------------------------+
| Access SSH with a Windows mapped drive |
| http://www.phpguru.org/sftpdrive       |
+----------------------------------------+

> I don't believe malicious code can be executed with echo and header.

The header of the PNG file, not a HTTP header.

--
Richard Heyes

> I mean, if you already specified it as a PNG image with header(), how
> do you execute Javascript/malicious code, as the browser will render
> it as a PNG?

Malicious code can still be embedded in images. The vulnerabilities ISTR
are in Windows image handling libraries. I assume they've been fixed now
though because it was some time ago. But that doesn't mean to say more won't
be found.

--
Richard Heyes

On IE 5.5 and 6.x you can inject JS through PNGs.
As I remember, they patched it at 7.x.

On 20/04/2008, Richard Heyes <richardh@phpguru.org> wrote:
> > I mean, if you already specified it as a PNG image with header(), how
> > do you execute Javascript/malicious code, as the browser will render
> > it as a PNG?
>
> Malicious code can still be embedded in images. The vulnerabilities ISTR
> are in Windows image handling libraries. I assume they've been fixed now
> though because it was some time ago. But that doesn't mean to say more won't
> be found.
>
> --
> Richard Heyes

> Malicious code can still be embedded in images. The vulnerabilities ISTR
> are in Windows image handling libraries. I assume they've been fixed now
> though because it was some time ago. But that doesn't mean to say more
> won't be found.

Could you suggest a good piece of code to check the PNG header and whether
the rest of the passed data contains malicious code?

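As an added example (this is not code from the thread or from PHP/GD), here is one way to do what the two earlier replies suggest together: check the PNG file header and chunk structure as Richard proposes, then hand the bytes to GD as in the imagecreatefromstring reply, and only echo what GD writes back. The function names pngValidate and pngReencode are this example's own; it assumes 64-bit PHP 7 or later with the GD extension, and the request handling at the bottom mirrors the original $_POST['img'] handler.

```php
<?php
// Added example, not from the original thread: check that a decoded byte
// string really is a PNG before echoing it back to a browser.
// Assumes 64-bit PHP >= 7.0 with the GD extension. pngValidate, pngReencode
// and the request handling below are this example's own, not a PHP/GD API.

const PNG_SIGNATURE = "\x89PNG\r\n\x1a\n";

// Walk the chunk structure defined by the PNG spec. Returns null when $data
// is a well-formed PNG, otherwise a short string naming the first problem.
function pngValidate(string $data): ?string
{
    if (strncmp($data, PNG_SIGNATURE, 8) !== 0) {
        return 'missing PNG signature';
    }
    $len = strlen($data);
    $pos = 8;
    $sawIhdr = $sawIdat = false;

    while (true) {
        if ($pos + 12 > $len) {                    // length(4) + type(4) + crc(4)
            return 'truncated chunk header';
        }
        $chunkLen = unpack('N', substr($data, $pos, 4))[1];
        $type     = substr($data, $pos + 4, 4);
        if ($chunkLen > 0x7fffffff || !preg_match('/^[A-Za-z]{4}\z/', $type)) {
            return 'invalid chunk length or type';
        }
        $dataStart = $pos + 8;
        if ($dataStart + $chunkLen + 4 > $len) {
            return "truncated $type chunk";
        }
        $chunkData = substr($data, $dataStart, $chunkLen);
        $crcStored = unpack('N', substr($data, $dataStart + $chunkLen, 4))[1];
        // The CRC covers the type and data fields, not the length field.
        if (crc32($type . $chunkData) !== $crcStored) {
            return "bad CRC on $type chunk";
        }

        if (!$sawIhdr) {
            if ($type !== 'IHDR' || $chunkLen !== 13) {
                return 'first chunk is not a 13-byte IHDR';
            }
            $ihdr = unpack('Nwidth/Nheight', $chunkData);
            if ($ihdr['width'] === 0 || $ihdr['height'] === 0) {
                return 'zero image dimension';
            }
            $sawIhdr = true;
        } elseif ($type === 'IDAT') {
            $sawIdat = true;
        } elseif ($type === 'IEND') {
            if ($chunkLen !== 0 || !$sawIdat) {
                return 'malformed IEND or no IDAT before it';
            }
            if ($dataStart + 4 !== $len) {
                // Bytes appended after IEND are the usual place to hide a payload.
                return 'trailing data after IEND';
            }
            return null;
        }
        $pos = $dataStart + $chunkLen + 4;
    }
}

// Re-encode through GD so only pixel data survives: text chunks and other
// content a structural check cannot judge are dropped. Returns the clean
// PNG bytes, or null when GD rejects the input.
function pngReencode(string $data): ?string
{
    $im = @imagecreatefromstring($data);
    if ($im === false) {
        return null;
    }
    imagesavealpha($im, true);
    ob_start();
    imagepng($im);                 // no filename argument: writes to the output buffer
    $out = ob_get_clean();
    return $out === false ? null : $out;
}

// The handler from the original post, with the checks in front of the echo.
// base64_decode in strict mode rejects input that is not base64 at all.
$raw   = base64_decode($_POST['img'] ?? '', true);
$err   = $raw === false ? 'not base64' : pngValidate($raw);
$clean = $err === null ? pngReencode($raw) : null;
if ($clean === null) {
    http_response_code(400);
    exit('rejected: ' . ($err ?? 'GD could not decode the image'));
}
header('Content-Type: image/png');
header('X-Content-Type-Options: nosniff');   // ask the browser not to second-guess the type
echo $clean;
```

Two points worth keeping in mind. imagecreatefromstring() on its own does not prove the input is a PNG: it also accepts JPEG, GIF, WBMP and, depending on the build, BMP and WebP, which is why the signature and chunk walk come first. Conversely, pngValidate cannot say anything about the contents of tEXt, zTXt or other ancillary chunks, which are legitimate places for arbitrary bytes; re-encoding through GD discards them, so what is echoed is a PNG GD produced rather than the bytes the client sent. The X-Content-Type-Options header is honoured by IE 8 and later and by other modern browsers; it does nothing for the IE 5.5/6 sniffing mentioned earlier in the thread.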