Remove (or Update) custom JpegImageConverter with vulnerable Magick.NET

Author: dessyordanova

PdfProcessing/CustomJpegImageConverter/CustomJpegImageConverter.cs

@@ -1,29 +1,72 @@
-using ImageMagick;
+using SixLabors.ImageSharp;
+using SixLabors.ImageSharp.Formats.Jpeg;
+using SixLabors.ImageSharp.Formats.Png;
+using SixLabors.ImageSharp.PixelFormats;
+using SixLabors.ImageSharp.Processing;
+
+using System;
+using System.IO;
 using Telerik.Windows.Documents.Extensibility;
 using Telerik.Windows.Documents.Fixed.FormatProviders.Pdf.Export;
 
 namespace CustomJpegImageConverter
 {
+
+    // SixLabors.ImageSharp 3.1.12
+    // SixLabors.ImageSharp.Drawing 2.1.7
+
     internal class CustomJpegImageConverter : JpegImageConverterBase
     {
         public override bool TryConvertToJpegImageData(byte[] imageData, ImageQuality imageQuality, out byte[] jpegImageData)
         {
-            IMagickFormatInfo formatInfo = MagickFormatInfo.Create(imageData);
-            if (formatInfo != null && formatInfo.SupportsReading)
+            jpegImageData = null;
+
+            try
             {
-                using (MagickImage magickImage = new MagickImage(imageData))
+                using (var imageStream = new MemoryStream(imageData))
                 {
-                    magickImage.Alpha(AlphaOption.Remove);
-                    magickImage.Quality = (uint)imageQuality;
+                    Image image = Image.Load(imageStream);
+                    var imageFormat = image.Metadata.DecodedImageFormat;
+
+                    // Handle transparency for PNG
+                    if (imageFormat is PngFormat && image.PixelType.BitsPerPixel == 32)
+                    {
+                        var background = new Image<Rgba32>(image.Width, image.Height, Color.White);
+                        background.Mutate(ctx => ctx.DrawImage(image, 1f));
+
+                        image.Dispose(); // Dispose original
+                        image = background; // Assign new image
+                    }
+
+                    var jpegEncoder = new JpegEncoder
+                    {
+                        Quality = (int)imageQuality
+                    };
 
-                    jpegImageData = magickImage.ToByteArray(MagickFormat.Jpeg);
+                    using (var ms = new MemoryStream())
+                    {
+                        image.Save(ms, jpegEncoder);
+                        jpegImageData = ms.ToArray();
+                    }
+
+                    image.Dispose(); // Dispose final image
                 }
 
                 return true;
             }
+            catch (SixLabors.ImageSharp.UnknownImageFormatException)
+            {
+                return false;
+            }
+            catch (SixLabors.ImageSharp.ImageProcessingException)
+            {
+                return false;
+            }
+            catch (Exception)
+            {
+                return false;
+            }
 
-            jpegImageData = null;
-            return false;
         }
     }
 }

PdfProcessing/CustomJpegImageConverter/CustomJpegImageConverter_NetStandard.csproj

@@ -20,12 +20,11 @@
       <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
     </Content>
   </ItemGroup>
-  <ItemGroup>
-    <PackageReference Include="Magick.NET-Q16-AnyCPU" Version="14.4.0" />
-  </ItemGroup>
   <ItemGroup>
   </ItemGroup>
   <ItemGroup Label="Telerik NuGet Packages References">
+	<PackageReference Include="SixLabors.ImageSharp" Version="3.1.12" />
+	<PackageReference Include="SixLabors.ImageSharp.Drawing" Version="2.1.7" />
     <PackageReference Include="Telerik.Documents.Core" Version="*" />
     <PackageReference Include="Telerik.Documents.Fixed" Version="*" />
     <PackageReference Include="Telerik.Zip" Version="*" />