From bdeb32b3cf7457105076bd92f0cbdc746fcbb76f Mon Sep 17 00:00:00 2001
From: Aevann <randomname42029@gmail.com>
Date: Fri, 17 Mar 2023 13:00:54 +0200
Subject: [PATCH] in process_dm_images, check if it is actually an image (using
 pillow)

---
 files/helpers/media.py | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/files/helpers/media.py b/files/helpers/media.py
index ebcc5be4c..fe7fd1d3a 100644
--- a/files/helpers/media.py
+++ b/files/helpers/media.py
@@ -288,6 +288,13 @@ def process_dm_images(v, user, body):
 			filename = f'/dm_images/{time.time()}'.replace('.','') + '.webp'
 			file.save(filename)
 
+			try:
+				with Image.open(filename) as i:
+					pass
+			except:
+				os.remove(filename)
+				abort(415)
+
 			size = os.stat(filename).st_size
 			patron = bool(v.patron)