Add safe checks around use of QImageReader (#3736)

Co-authored-by: pajlada <rasmus.karlsson@pajlada.com>
2024-11-21 22:24:07 +01:00 · 2022-05-28 11:48:31 +00:00 · 2022-05-28 11:48:31 +00:00 · efcfb19187
commit efcfb19187
parent 135f914b38
3 changed files with 35 additions and 12 deletions
--- a/src/messages/Image.cpp
+++ b/src/messages/Image.cpp
@ -138,14 +138,6 @@ namespace detail {
    {
        QVector<Frame<QImage>> frames;

-        if (reader.imageCount() == 0)
-        {
-            qCDebug(chatterinoImage)
-                << "Error while reading image" << url.string << ": '"
-                << reader.errorString() << "'";
-            return frames;
-        }
-
        QImage image;
        for (int index = 0; index < reader.imageCount(); ++index)
        {
@ -413,8 +405,30 @@ void Image::actuallyLoad()
            buffer.open(QIODevice::ReadOnly);
            QImageReader reader(&buffer);

+            if (!reader.canRead())
+            {
+                qCDebug(chatterinoImage)
+                    << "Error: image cant be read " << shared->url().string;
+                return Failure;
+            }
+
+            const auto size = reader.size();
+            if (size.isEmpty())
+            {
+                return Failure;
+            }
+
+            // returns 1 for non-animated formats
+            if (reader.imageCount() <= 0)
+            {
+                qCDebug(chatterinoImage)
+                    << "Error: image has less than 1 frame "
+                    << shared->url().string << ": " << reader.errorString();
+                return Failure;
+            }
+
            // use "double" to prevent int overflows
-            if (double(reader.size().width()) * double(reader.size().height()) *
+            if (double(size.width()) * double(size.height()) *
                    double(reader.imageCount()) * 4.0 >
                double(Image::maxBytesRam))
            {
--- a/src/messages/MessageBuilder.cpp
+++ b/src/messages/MessageBuilder.cpp
@ -14,7 +14,6 @@
 #include "util/FormatTime.hpp"

 #include <QDateTime>
-#include <QImageReader>

 namespace chatterino {

--- a/src/providers/twitch/TwitchBadges.cpp
+++ b/src/providers/twitch/TwitchBadges.cpp
@ -204,8 +204,18 @@ void TwitchBadges::loadEmoteImage(const QString &name, ImagePtr image,
            buffer.open(QIODevice::ReadOnly);
            QImageReader reader(&buffer);

-            QImage image;
-            if (reader.imageCount() == 0 || !reader.read(&image))
+            if (!reader.canRead() || reader.size().isEmpty())
+            {
+                return Failure;
+            }
+
+            QImage image = reader.read();
+            if (image.isNull())
+            {
+                return Failure;
+            }
+
+            if (reader.imageCount() <= 0)
            {
                return Failure;
            }