Fixed Avatar/profile banner uploads don't properly check if the image can be processed, and throw an exception

[king of the internet]

Affected version

2.3.3

Here is the traceback, there is a similar one for profile banner uploads.

Error: Call to a member function getType() on null in src/XF/Service/User/AvatarService.php at line 236
XF\Service\User\AvatarService->updateAvatar() in src/XF/Pub/Controller/AccountController.php at line 620
XF\Pub\Controller\AccountController->actionAvatar() in src/XF/Mvc/Dispatcher.php at line 362
XF\Mvc\Dispatcher->dispatchClass() in src/XF/Mvc/Dispatcher.php at line 269
XF\Mvc\Dispatcher->dispatchFromMatch() in src/XF/Mvc/Dispatcher.php at line 121
XF\Mvc\Dispatcher->dispatchLoop() in src/XF/Mvc/Dispatcher.php at line 63
XF\Mvc\Dispatcher->run() in src/XF/App.php at line 2826
XF\App->run() in src/XF.php at line 806
XF::runApp() in index.php at line 23

This happens because imageFromFile can return null if, say, gd can't load the image (for example, it is an animated WebP...), but the code doesn't check for this case and assumes it can call ->getType() to compare to IMAGETYPE_WEBP to see if it is "optimized". The usual error that would only be reported to the user doesn't happen because a different function which doesn't fail (getimagesize) is used to determine if the image is valid.

 

[king of the internet]

My server error log is nothing but constant spam from this bug ever since upgrading. It would be reassuring if there was even a little bit of communication from the developers.

 

[XF Bug Bot]

Thank you for reporting this issue, it has now been resolved. We are aiming to include any changes that have been made in a future XF release (2.3.4).

Change log:

Gracefully handle when an avatar cannot be processed

There may be a delay before changes are rolled out to the XenForo Community.