Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

How to restrict Trojan picture upload server by Golang

2025-01-28 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Development >

Share

Shulou(Shulou.com)06/01 Report--

This article mainly explains the "Golang how to limit Trojan picture upload server", the content of the article is simple and clear, easy to learn and understand, the following please follow the editor's ideas slowly in depth, together to study and learn "Golang how to limit Trojan picture upload server" bar!

Project background

We have developed a cloud object storage service to store all the file resources in a project.

problem

In the security test, I encountered a problem: unable to limit the Trojan virus simulated picture file to upload. A file that looks like a picture suffix is actually a Trojan script. For example, the image file: muma.jpeg, we use the UltraEdit editor to open this file, the content of the file is shown in the following figure:

However, the contents of a normal jpeg image file are shown in the following figure:

Solve

So how to solve this problem? There is no doubt that what we need to do is to distinguish between real pictures and Trojans.

After a fierce investigation, I finally found a solution, which is to use the standard library of Golang language-image.

However, there is a problem, the image library does not support all image types of verification, currently only supports jpeg, gif, png image format. We encapsulate a method and support the authenticity verification of three image formats at the same time.

The reference code is as follows:

Func CheckImageFile (path, style string) (string, error) {f, err: = os.Open (path) if err! = nil {fmt.Errorf ("failed to open file% s", err.Error ())} switch strings.ToUpper (style) {case "JPG", "JPEG": _ Err = jpeg.Decode (f) case "PNG": _, err = png.Decode (f) case "GIF": _, err = gif.Decode (f)} if err! = nil {fmt.Errorf ("failed to verify file type% s", err.Error ()) return "" Err} return "", nil}

When calling the above method, you only need to pass in the image path and suffix type to verify the authenticity of the file. Very convenient, I have verified and passed.

Thank you for your reading, the above is the content of "Golang how to restrict Trojan picture upload server". After the study of this article, I believe you have a deeper understanding of how Golang limits Trojan picture upload server, and the specific use needs to be verified in practice. Here is, the editor will push for you more related knowledge points of the article, welcome to follow!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 288

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Development

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report