Security: How to validate image file uploads?

Question

I need to accept image file uploads from the users.

How can I check and be 100% sure that I don't get a malicious file or something?

Check the mime type? Re-draw the image? Anti-virus?

Answer 1

Redraw the image, read it up with GD's imagecreatefromXXX() and save it back with imageXXX()

This way you can also scale it to more convenient sizes and keep bandwidth consumption in check.

To save on computing power, deny upload to files bigger than a certain limit.

5megs or 10megs should be fine, as limits go.

Keep GD updated, and be wary that (7 years ago, apparently) it used to sport buffer overflows in the handling of PNG images

Alternatively, you could also preprocess uploaded images in background with commands such as ImageMagick's convert and such.

Last note of warning: on Windo(w)s convert is also a command used to format hard disk, so put some effort into removing abiguities if you deploy on that.