Images: Forced intervention loading via specific method
authorDan Brown <redacted>
Sun, 19 Nov 2023 16:34:29 +0000 (16:34 +0000)
committerDan Brown <redacted>
Sun, 19 Nov 2023 16:34:29 +0000 (16:34 +0000)
Updated image loading for intervention library to be via a specific
'initFromBinary' method to avoid being overly accepting of input types
and mechanisms.

For CVE-2023-6199

app/Config/app.php
app/Uploads/ImageResizer.php

index dcd3ffc314eee1216273ba2b47f073387a5dd8e6..fc913eb8fee4334f25e0946de70a7a9f8b5dba91 100644 (file)
@@ -141,7 +141,6 @@ return [
         // Third party service providers
         Barryvdh\DomPDF\ServiceProvider::class,
         Barryvdh\Snappy\ServiceProvider::class,
-        Intervention\Image\ImageServiceProvider::class,
         SocialiteProviders\Manager\ServiceProvider::class,
 
         // BookStack custom service providers
@@ -161,9 +160,6 @@ return [
         // Laravel Packages
         'Socialite'    => Laravel\Socialite\Facades\Socialite::class,
 
-        // Third Party
-        'ImageTool' => Intervention\Image\Facades\Image::class,
-
         // Custom BookStack
         'Activity'    => BookStack\Facades\Activity::class,
         'Theme'       => BookStack\Facades\Theme::class,
index e229bb5a053eee8595f776586b6588ee7e54fa15..4dc1b0b9922a5a2e30a0c5c35bc8b0dece27896c 100644 (file)
@@ -6,15 +6,14 @@ use BookStack\Exceptions\ImageUploadException;
 use Exception;
 use GuzzleHttp\Psr7\Utils;
 use Illuminate\Support\Facades\Cache;
+use Intervention\Image\Gd\Driver;
 use Intervention\Image\Image as InterventionImage;
-use Intervention\Image\ImageManager;
 
 class ImageResizer
 {
     protected const THUMBNAIL_CACHE_TIME = 604_800; // 1 week
 
     public function __construct(
-        protected ImageManager $intervention,
         protected ImageStorage $storage,
     ) {
     }
@@ -117,7 +116,7 @@ class ImageResizer
         ?string $format = null,
     ): string {
         try {
-            $thumb = $this->intervention->make($imageData);
+            $thumb = $this->interventionFromImageData($imageData);
         } catch (Exception $e) {
             throw new ImageUploadException(trans('errors.cannot_create_thumbs'));
         }
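Review bot: The `catch (Exception $e)` around the new `interventionFromImageData()` call discards `$e`, so when the decoder rejects an upload (for example an unreadable or non-image payload) the underlying reason never reaches logs or the exception chain, which makes failed-upload triage harder. If `ImageUploadException` keeps the base `Exception` constructor signature, the fix is one line: `throw new ImageUploadException(trans('errors.cannot_create_thumbs'), previous: $e);`. The enclosing method starts and ends outside this hunk.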
@@ -144,6 +143,17 @@ class ImageResizer
         return $thumbData;
     }
 
+    /**
+     * Create an intervention image instance from the given image data.
+     * Performs some manual library usage to ensure image is specifically loaded
+     * from given binary data instead of data being misinterpreted.
+     */
+    protected function interventionFromImageData(string $imageData): InterventionImage
+    {
+        $driver = new Driver();
+        return $driver->decoder->initFromBinary($imageData);
+    }
+
     /**
      * Orientate the given intervention image based upon the given original image data.
      * Intervention does have an `orientate` method but the exif data it needs is lost before it
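Review bot: `interventionFromImageData()` hard-codes the GD backend with `new Driver()`, so decoding no longer follows whatever driver the removed `ImageManager` was configured with; if the application also supports an imagick driver, this change silently switches which decoder handles uploads and that should at least be stated in the docblock. The docblock should also record why the library's own entry point is avoided, so the hardening is not undone by a later refactor, e.g. append `Only raw binary data is accepted here; do not switch back to make()/init(), which auto-detect file paths, URLs and encoded strings from the input.` Both `Driver::__construct()` (when GD is unavailable) and `initFromBinary()` (on undecodable data) throw, which the caller's `catch (Exception $e)` in the previous hunk still covers.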