If the image type has been correctly determined, most malicious images can be prevented from being uploaded. However, if by modifying the file stream, some malicious code or virus code is forcibly written into a legitimate picture, so the previous method can still pass smoothly, because it is a picture in the correct format, only reading Bytes and getting the image type cannot clean up the malicious code hidden in this type of image. Attached is part of the malicious image opened by UE. The right half of the image shows the malicious script:
Just imagine, if this type of picture is uploaded to the server, when the webpage that refers to the picture is accessed, and the user's machine is installed with anti-virus software, the anti-virus software will alarm the page at this time. If there are a lot of This kind of picture is miserable. As soon as the webpage is opened, the anti-virus software starts to report the virus. This allows users to dare to visit your website again.
In view of this situation, for a file of the image type, after uploading, the image can be scaled accordingly to destroy the structure of the binary executable file uploaded by the malicious user, so as to avoid malicious code execution. jmagick can process images accordingly, and the image scaling method provided by the tool can remove redundant non-image elements, so we only need to scale the image to its original size after correct format verification to remove malicious information:
code show as below:
packageapistudy;
importjava.io.IOException;
importmagick.ImageInfo;
importmagick.MagickImage;
/**
*Createdon2010-7-8
*<p>Description:[通过jmagick清除图片中的恶意信息]</p>
*@author[emailprotected]
*@version1.0
*/
publicclassImageTypeTest
{
static
{
System.setProperty("jmagick.systemclassloader","no");
}
/**
*Createdon2010-7-8
*<p>Discription:[main]</p>
*@paramargs
*@author:[[emailprotected]]
*/
publicstaticvoidmain(String[]args)
{
StringsrcFileName="c:/img/c.jpg";
try
{
filterImageByScale(srcFileName);
}
catch(IOExceptione)
{
e.printStackTrace();
}
}
/**
*Createdon2010-7-8
*<p>Discription:[filterImageByScale,清除图片中的恶意代码]</p>
*@paramsrcFileName
*@throwsIOException
*@author:[[emailprotected]]
*/
publicfinalstaticvoidfilterImageByScale(StringsrcFileName)throwsIOException
{
MagickImagemagic=null;
try
{
ImageInfoimgInfo=newImageInfo(srcFileName);
magic=newMagickImage(imgInfo);
intwidth=(int)magic.getDimension().getWidth();
intheight=(int)magic.getDimension().getHeight();
MagickImagenewImage=magic.scaleImage(width,height);
newImage.profileImage("*",null);//Clear useless information
newImage.setImageAttribute("JPEG-Sampling-factors",null);//Clear useless information
newImage.setImageAttribute("comment",null);//Clear useless information
newImage.writeImage(newImageInfo());
newImage.writeImage(imgInfo);
}
catch(Exceptione1)
{
e1.printStackTrace();
}
finally
{
try
{
magic.destroyImages();
}
catch(Exceptione2)
{
e2.printStackTrace ();
}
}
}
}
After running the above program, open the original picture again, the malicious content is gone, the size is smaller than before, and the antivirus software will not report the virus.