Resave all uploaded images to get rid of exif data

RESOLVED FIXED in 2011-12-06

Status

support.mozilla.org
General
P1
normal
RESOLVED FIXED
7 years ago
2 years ago

People

(Reporter: paulc, Assigned: tgavankar)

Tracking

unspecified
2011-12-06

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [liberate])

(Reporter)

Description

7 years ago
Spin-off as a result of bug 619467 -- we've discussed with infrasec to do 3 things:
1. Limit to certain extensions for uploaded images (for now gif, png, jpe?g)
2. Re-save images to get rid of potentially malicious comments.
3. Rename the files to get rid of our unicode problems (already in bug 596116).


Erik has started some work on resaving images so assigning this to him.
If you're looking to liberate/steal code, you can check out https://github.com/jbalogh/zamboni/blob/master/apps/amo/utils.py#L251
Priority: -- → P1
Target Milestone: --- → 2.4.1
(Reporter)

Updated

7 years ago
Target Milestone: 2.4.1 → 2.4.2
Surely AMO and SUMO share a bunch of common image handling concepts, though no code. I'd love to take the common stuff (I know we just rethought thumbnail generation but AMO's is so pretty and already resaves everything as .png) and create something lower-level we could both use in commonware.
Whiteboard: [liberate]
Target Milestone: 2.4.2 → 2.4.3
Getting rid of malicious comments doesn't do much for us, as it's just as easy to paste malicious code into the body of the image (and the browser executes it just as readily).
Target Milestone: 2.4.3 → 2.5
Target Milestone: 2.5 → 2011Q1
(In reply to comment #3)
> Getting rid of malicious comments doesn't do much for us, as it's just as easy
> to paste malicious code into the body of the image (and the browser executes it
> just as readily).

Yes, if the "image" is served as html then the browser will execute it. However, our image defense consists of multiple layers.  Getting rid of malicious comments (or whatever might be there) is one of many steps in a defense in depth approach.

https://wiki.mozilla.org/WebAppSec/Secure_Coding_Guidelines#Image_Upload
Target Milestone: 2011Q1 → 2011Q2
Assignee: erik → nobody
Target Milestone: 2011Q2 → 2011Q3
I think Tanay will end up doing this as part of bug 630845.
Assignee: nobody → tgavankar
Target Milestone: 2011Q3 → 2011Q4
(Assignee)

Comment 6

6 years ago
Done with the image compression patch: https://github.com/jsocol/kitsune/commit/2bb577. All images are now converted/resaved as PNG.
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → FIXED
Target Milestone: 2011Q4 → 2011-12-06
(Assignee)

Comment 7

6 years ago
Note that this will result in a filesize increase (small one for png->png, larger one for something like jpg->png).
These bugs are all resolved, so I'm removing the security flag from them.
Group: websites-security
You need to log in before you can comment on or make changes to this bug.