JAVA checks the image format

1) Determine whether the file extension is the required image Extension
However, this method is very inappropriate. If someone else slightly modifies the extension of a file that is not an image to the image extension, it bypasses your validation,
2) determine based on the first few bytes of the file, that is, the magic number.
Magic number, which specifies the first few bytes of the file used to uniquely distinguish other file types. With these magic numbers, we can easily distinguish different files.
For example, some bytes starting with a JPEG file may be like this. "ffd8 ffe0 0010 4a46 4946 0001 0101 0047 ...... JFIF ..... G"
Here, "ffd8" indicates that this file is a JPEG file.
. Bmp 42 4d
. Gif 47 49 46 38
. Png 89 50 4e 47
. Bz 42 5a
. Zip 50 4b 03 04
The first several bytes of different file types can be viewed in my other Tutorial: Magic numbers of different file types. Http://www.fenglibin.com/file_magic_numbers.html
However, this method is very unreliable because it can only verify the first few bytes of the file. If someone modifies the extension of an executable PHP file to PNG, then add the "89 50" two bytes in front, and then bypass this authentication method.
3) obtain the width and height attributes of an image.
If we can get the width and height attribute of an image normally, it must be an image. We cannot get the width and height attribute of a non-image file,
4) image security check.
By judging whether an image is indeed an image, if some illegal code is added to an image file that can be browsed normally, the image will also be opened on the webpage, illegal code insertion may be executed. Anti-virus software (such as AVAST) reports a virus for such modifications.
You can rewrite the image to add a watermark or resize it, so that the newly generated image will no longer contain such malicious code.
[Java]
/**
* Read the first two bytes of the image.
* @ Param src
* @ Return
*/
Public static String bytesToHexString (byte [] src ){
StringBuilder stringBuilder = new StringBuilder ();
If (src = null | src. length <= 0 ){
Return null;
}
For (int I = 0; I <src. length; I ++ ){
Int v = src [I] & 0xFF; // byte to int
String hv = Integer. toHexString (v );
If (hv. length () <2 ){
StringBuilder. append (0 );
}
StringBuilder. append (hv );
}
Return stringBuilder. toString ();
}

/**
* Determine whether the image is an image by judging its width and height.
* @ Param imageFile
* @ Return
*/
Public static boolean isImage (File imageFile ){
If (! ImageFile. exists ()){
Return false;
}
Image img = null;
Try {
Img = ImageIO. read (imageFile );
If (img = null | img. getWidth (null) <= 0 | img. getHeight (null) <= 0 ){
Return false;
}
Return true;
} Catch (Exception e ){
Return false;
} Finally {
Img = null;
}
}
 
Public static void main (String [] args) throws IOException {
String imagePath = "E: \ hwy.png ";
File image = new File (imagePath );
InputStream is = new FileInputStream (image );
// Read two bytes
Byte [] bt = new byte [2]; www.2cto.com
Is. read (bt );
System. out. println (bytesToHexString (bt); /// output 8950

Boolean B = isImage (image );
System. out. println (B );
}
Author: cdl2008sky