Refactor PNG validation and add unit tests for process

Moved PNG signature validation logic from confighttp.cpp to process.cpp as check_valid_png, and updated getCover to use validate_app_image_path for image path resolution and validation. Added extensive unit tests for check_valid_png and validate_app_image_path in test_process.cpp. Defined DEFAULT_APP_IMAGE_PATH in process.h and improved error handling and logging for invalid or unreadable PNG files.

Author: ReenigneArcher

src/confighttp.cpp

@@ -277,39 +277,6 @@ namespace confighttp {
     return true;
   }
 
-  /**
-   * @brief Validates a path whether it is a valid png.
-   * @param path The path to the png file.
-   */
-  bool check_valid_png(fs::path path) {
-    // PNG signature as defined in PNG specification
-    // http://www.libpng.org/pub/png/spec/1.2/PNG-Structure.html
-    static constexpr std::array<unsigned char, 8> PNG_SIGNATURE = {
-      0x89,
-      0x50,
-      0x4E,
-      0x47,
-      0x0D,
-      0x0A,
-      0x1A,
-      0x0A
-    };
-
-    std::ifstream file(path, std::ios::binary);
-    if (!file) {
-      return false;
-    }
-
-    std::array<unsigned char, 8> header;
-    file.read(reinterpret_cast<char *>(header.data()), 8);
-
-    if (file.gcount() != 8) {
-      return false;
-    }
-
-    return header == PNG_SIGNATURE;
-  }
-
   /**
    * @brief Get the index page.
    * @param response The HTTP response object.
@@ -980,8 +947,9 @@ namespace confighttp {
    * @api_examples{/api/covers/9999 | GET| null}
    */
   void getCover(resp_https_t response, req_https_t request) {
-    // Skip check_content_type() for this endpoint since the request body is not used.
-
+    if (!check_content_type(response, request, "application/json")) {
+      return;
+    }
     if (!authenticate(response, request)) {
       return;
     }
@@ -999,37 +967,22 @@ namespace confighttp {
       auto &apps = file_tree["apps"];
 
       auto &app = apps[index];
-      if (!app.contains("image-path") || app["image-path"].is_null()) {
-        not_found(response, request, "'image-path' not set or does not have a 'png' file extension");
-        return;
-      }
-
-      fs::path path = app["image-path"];
 
-      const fs::path coverdir = platf::appdata().string() + "/covers/";
-      if (fs::exists(coverdir / path)) {
-        path = coverdir / path;
+      // Get the image path from the app configuration
+      std::string app_image_path;
+      if (app.contains("image-path") && !app["image-path"].is_null()) {
+        app_image_path = app["image-path"];
       }
 
-      if (fs::exists(platf::appdata() / path)) {
-        path = platf::appdata().string() / path;
-      }
-
-      if (!fs::exists(path) || path.extension() != ".png") {
-        not_found(response, request, "'image-path' not set or does not have a 'png' file extension");
-        return;
-      }
+      // Use validate_app_image_path to resolve and validate the path
+      // This handles extension validation, PNG signature validation, and path resolution
+      std::string validated_path = proc::validate_app_image_path(app_image_path);
 
-      std::ifstream in(path, std::ios::binary);
+      // Open and stream the validated file
+      std::ifstream in(validated_path, std::ios::binary);
       if (!in) {
-        BOOST_LOG(debug) << "Unable to read file: " << path;
-        not_found(response, request, "'image-path' not set or does not have a 'png' file extension");
-        return;
-      }
-
-      if (!check_valid_png(path)) {
-        BOOST_LOG(debug) << "User requested corrupted png: " << path;
-        not_found(response, request, "'image-path' not set or does not have a 'png' file extension");
+        BOOST_LOG(warning) << "Unable to read cover image file: " << validated_path;
+        bad_request(response, request, "Unable to read cover image file");
         return;
       }
 

src/process.cpp

@@ -39,8 +39,6 @@
   #include <share.h>
 #endif
 
-#define DEFAULT_APP_IMAGE_PATH SUNSHINE_ASSETS_DIR "/box.png"
-
 namespace proc {
   using namespace std::literals;
   namespace pt = boost::property_tree;
@@ -466,6 +464,40 @@ namespace proc {
     return ss.str();
   }
 
+  /**
+   * @brief Validates a path whether it is a valid PNG.
+   * @param path The path to the PNG file.
+   * @return true if the file has a valid PNG signature, false otherwise.
+   */
+  bool check_valid_png(const std::filesystem::path &path) {
+    // PNG signature as defined in PNG specification
+    // http://www.libpng.org/pub/png/spec/1.2/PNG-Structure.html
+    static constexpr std::array<unsigned char, 8> PNG_SIGNATURE = {
+      0x89,
+      0x50,
+      0x4E,
+      0x47,
+      0x0D,
+      0x0A,
+      0x1A,
+      0x0A
+    };
+
+    std::ifstream file(path, std::ios::binary);
+    if (!file) {
+      return false;
+    }
+
+    std::array<unsigned char, 8> header;
+    file.read(reinterpret_cast<char *>(header.data()), 8);
+
+    if (file.gcount() != 8) {
+      return false;
+    }
+
+    return header == PNG_SIGNATURE;
+  }
+
   std::string validate_app_image_path(std::string app_image_path) {
     if (app_image_path.empty()) {
       return DEFAULT_APP_IMAGE_PATH;
@@ -475,28 +507,39 @@ namespace proc {
     auto image_extension = std::filesystem::path(app_image_path).extension().string();
     boost::to_lower(image_extension);
 
-    // return the default box image if extension is not "png"
+    // return the default box image if the extension is not "png"
     if (image_extension != ".png") {
       return DEFAULT_APP_IMAGE_PATH;
     }
 
     // check if image is in assets directory
-    auto full_image_path = std::filesystem::path(SUNSHINE_ASSETS_DIR) / app_image_path;
-    if (std::filesystem::exists(full_image_path)) {
+    if (auto full_image_path = std::filesystem::path(SUNSHINE_ASSETS_DIR) / app_image_path; std::filesystem::exists(full_image_path)) {
+      // Validate PNG signature
+      if (!check_valid_png(full_image_path)) {
+        BOOST_LOG(warning) << "Invalid PNG file at path ["sv << full_image_path << ']';
+        return DEFAULT_APP_IMAGE_PATH;
+      }
       return full_image_path.string();
-    } else if (app_image_path == "./assets/steam.png") {
+    }
+
+    if (app_image_path == "./assets/steam.png") {
       // handle old default steam image definition
       return SUNSHINE_ASSETS_DIR "/steam.png";
     }
 
     // check if specified image exists
-    std::error_code code;
-    if (!std::filesystem::exists(app_image_path, code)) {
+    if (std::error_code code; !std::filesystem::exists(app_image_path, code)) {
       // return default box image if image does not exist
       BOOST_LOG(warning) << "Couldn't find app image at path ["sv << app_image_path << ']';
       return DEFAULT_APP_IMAGE_PATH;
     }
 
+    // Validate PNG signature
+    if (!check_valid_png(app_image_path)) {
+      BOOST_LOG(warning) << "Invalid PNG file at path ["sv << app_image_path << ']';
+      return DEFAULT_APP_IMAGE_PATH;
+    }
+
     // image is a png, and not in assets directory
     // return only "content-type" http header compatible image type
     return app_image_path;

src/process.h

@@ -21,6 +21,8 @@
 #include "rtsp.h"
 #include "utility.h"
 
+#define DEFAULT_APP_IMAGE_PATH SUNSHINE_ASSETS_DIR "/box.png"
+
 namespace proc {
   using file_t = util::safe_ptr_v2<FILE, int, fclose>;
 
@@ -120,6 +122,7 @@ namespace proc {
    */
   std::tuple<std::string, std::string> calculate_app_id(const std::string &app_name, std::string app_image_path, int index);
 
+  bool check_valid_png(const std::filesystem::path &path);
   std::string validate_app_image_path(std::string app_image_path);
   void refresh(const std::string &file_name);
   std::optional<proc::proc_t> parse(const std::string &file_name);