Mikko Ohtamaa
Reputation: 83676
Limiting what formats PIL image loads
To decrease the amount of possible attack vectors on a website, what would be the best way to limit formats Python Imaging Library can read to the set of known good codecs (GIF, JPEG, PNG).
This way the users could not submit more exotic formats and exploit possible codec bugs to do buffer overflow, etc. style attack.
Preferably in run-time.
Upvotes: 4
Views: 211
Answers (1)
Ernest0x
Reputation: 181
You can use python-magic to check for accepted mimetypes before passing the file/buffer to PIL.
Upvotes: 3
Related Questions
- How to get the format of image with PIL?
- PIL Image with mode 1
- Load Image using PIL module
- opening images with Python PIL
- Loading Images with PIL in python
- PIL image conversion not using file system
- Reading PNG with PIL in Python
- Python Image conversion with PIL library
- PIL loading jpg
- PIL open.image & convert problems