Skip to content

Commit

Permalink
png: check magic bytes for well-formed files
Browse files Browse the repository at this point in the history
Closes #$250
  • Loading branch information
andymeneely committed Aug 9, 2018
1 parent 8f15c21 commit 5a8b3c5
Show file tree
Hide file tree
Showing 6 changed files with 50 additions and 2 deletions.
10 changes: 9 additions & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,15 @@ Squib follows [semantic versioning](http://semver.org).

## v0.15.0 / Unreleased

## v0.14.2 / Unreleased
Features:
* Added check for malformed PNG files (#250, #218)

Docs:
* Documented the n-sided-ness of polygons and stars

Special thanks to @lcarlsen

## v0.14.2 / 2018-08-01

Features:
* Sprues for DriveThruCards and printandplaygames!! (#247, from @blinks)
Expand Down
17 changes: 16 additions & 1 deletion lib/squib/graphics/image.rb
Original file line number Diff line number Diff line change
Expand Up @@ -6,10 +6,25 @@ module Squib
# @api private
def cache_load_image(file)
@img_cache ||= {}
@img_cache[file] || @img_cache[file] = Cairo::ImageSurface.from_png(file)
@img_cache[file] ||= open_png file
end
module_function :cache_load_image

# Open a PNG file, checking magic bytes if it's a real PNG
# Magic bytes taken from:
# https://en.wikipedia.org/wiki/List_of_file_signatures
# :nodoc:
# @api private
PNG_MAGIC = [0x89, 0x50, 0x4E, 0x47, 0x0D, 0x0A, 0x1A, 0x0A]
def open_png(file)
if PNG_MAGIC == File.read(file, 8).bytes
return Cairo::ImageSurface.from_png(file)
else
raise ArgumentError.new("ERROR: #{file} is not a PNG file")
end
end
module_function :open_png

class Card

# :nodoc:
Expand Down
Binary file added spec/data/images/a.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
1 change: 1 addition & 0 deletions spec/data/images/not_a_png.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Not a PNG.
20 changes: 20 additions & 0 deletions spec/graphics/image_magicbytes_check.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
require 'spec_helper'
require 'squib/graphics/image'

describe Squib do
context :open_png do

it 'opens a real image file' do
file = image_file('a.png')
expect(Squib.open_png(file)).to respond_to(:format) # loaded?
end

it 'fails on a non-PNG file' do
file = image_file('not_a_png.txt')
expect { Squib.open_png(file) }.
to raise_error(ArgumentError, /is not a PNG file/)

end

end
end
4 changes: 4 additions & 0 deletions spec/spec_helper.rb
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,10 @@ def csv_file(file)
"#{File.expand_path(File.dirname(__FILE__))}/data/csv/#{file}"
end

def image_file(file)
"#{File.expand_path(File.dirname(__FILE__))}/data/images/#{file}"
end

def xlsx_file(file)
"#{File.expand_path(File.dirname(__FILE__))}/data/xlsx/#{file}"
end
Expand Down

0 comments on commit 5a8b3c5

Please sign in to comment.