Check that avatar and favicon images cached are really images

content.py

@@ -2184,3 +2184,40 @@ def add_name_emojis_to_tags(base_dir: str, http_prefix: str,
         if updated:
             new_tag['updated'] = updated
         actor_json['tag'].append(new_tag)
+
+
+def binary_is_image(filename: str, media_binary) -> bool:
+    """Returns true if the given file binary data contains an image
+    """
+    if len(media_binary) < 13:
+        return False
+    filename_lower = filename.lower()
+    bin_is_image = False
+    if filename_lower.endswith('.jpeg') or filename_lower.endswith('jpg'):
+        if media_binary[6:10] in (b'JFIF', b'Exif'):
+            bin_is_image = True
+    elif filename_lower.endswith('.ico'):
+        if media_binary.startswith(b'\x00\x00\x01\x00'):
+            bin_is_image = True
+    elif filename_lower.endswith('.png'):
+        if media_binary.startswith(b'\211PNG\r\n\032\n'):
+            bin_is_image = True
+    elif filename_lower.endswith('.webp'):
+        if media_binary.startswith(b'RIFF') and media_binary[8:12] == b'WEBP':
+            bin_is_image = True
+    elif filename_lower.endswith('.gif'):
+        if media_binary[:6] in (b'GIF87a', b'GIF89a'):
+            bin_is_image = True
+    elif filename_lower.endswith('.avif'):
+        if media_binary[4:12] == b'ftypavif':
+            bin_is_image = True
+    elif filename_lower.endswith('.heic'):
+        if media_binary[4:12] == b'ftypmif1':
+            bin_is_image = True
+    elif filename_lower.endswith('.jxl'):
+        if media_binary.startswith(b'\xff\n'):
+            bin_is_image = True
+    elif filename_lower.endswith('.svg'):
+        if '<svg' in str(media_binary):
+            bin_is_image = True
+    return bin_is_image

daemon.py

@@ -381,6 +381,7 @@ from utils import has_group_type
 from manualapprove import manual_deny_follow_request_thread
 from manualapprove import manual_approve_follow_request_thread
 from announce import create_announce
+from content import binary_is_image
 from content import add_name_emojis_to_tags
 from content import load_dogwhistles
 from content import valid_url_lengths
@@ -9541,18 +9542,21 @@ class PubServer(BaseHTTPRequestHandler):
         except OSError:
             print('EX: unable to read cached favicon ' + fav_filename)
         if media_binary:
-            mime_type = media_file_mime_type(fav_filename)
-            self._set_headers_etag(fav_filename,
-                                   mime_type,
-                                   media_binary, None,
-                                   referer_domain,
-                                   False, None)
-            self._write(media_binary)
-            fitness_performance(getreq_start_time, self.server.fitness,
-                                '_GET', '_show_cached_favicon',
-                                self.server.debug)
-            self.server.favicons_cache[fav_file] = media_binary
-            return
+            if binary_is_image(fav_filename, media_binary):
+                mime_type = media_file_mime_type(fav_filename)
+                self._set_headers_etag(fav_filename,
+                                       mime_type,
+                                       media_binary, None,
+                                       referer_domain,
+                                       False, None)
+                self._write(media_binary)
+                fitness_performance(getreq_start_time, self.server.fitness,
+                                    '_GET', '_show_cached_favicon',
+                                    self.server.debug)
+                self.server.favicons_cache[fav_file] = media_binary
+                return
+            else:
+                print('WARN: favicon is not an image ' + fav_filename)
         self._404()
 
     def _show_cached_avatar(self, referer_domain: str, path: str,

webapp_utils.py

@@ -36,6 +36,7 @@ from utils import remove_eol
 from filters import is_filtered
 from cache import get_actor_public_key_from_id
 from cache import store_person_in_cache
+from content import binary_is_image
 from content import add_html_tags
 from content import replace_emoji_from_tags
 from person import get_person_avatar_url
@@ -399,12 +400,17 @@ def update_avatar_image_cache(signing_priv_key_pem: str,
                               'update_avatar_image_cache unable to delete ' +
                               avatar_image_filename)
             else:
-                with open(avatar_image_filename, 'wb') as fp_av:
-                    fp_av.write(result.content)
-                    if debug:
-                        print('avatar image downloaded for ' + actor)
-                    return avatar_image_filename.replace(base_dir + '/cache',
-                                                         '')
+                media_binary = result.content
+                if binary_is_image(avatar_image_filename, media_binary):
+                    with open(avatar_image_filename, 'wb') as fp_av:
+                        fp_av.write(media_binary)
+                        if debug:
+                            print('avatar image downloaded for ' + actor)
+                        return avatar_image_filename.replace(base_dir +
+                                                             '/cache', '')
+                else:
+                    print('WARN: avatar image binary not recognized ' +
+                          actor + ' ' + str(media_binary[0:20]))
         except Exception as ex:
             print('EX: Failed to download avatar image: ' +
                   str(avatar_url) + ' ' + str(ex))