From 577ca4875a60d69e1407f154e1f36ca4ab22e86b Mon Sep 17 00:00:00 2001
From: Mathis Mensing <github@matmen.dev>
Date: Wed, 3 Apr 2024 20:58:26 +0200
Subject: [PATCH] fix: check buffer length before type conversion

---
 ImageScript.js | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/ImageScript.js b/ImageScript.js
index fc205f5..62197e5 100644
--- a/ImageScript.js
+++ b/ImageScript.js
@@ -1624,7 +1624,7 @@ class ImageType {
      * @returns {boolean}
      */
     static isPNG(view) {
-        return view.getUint32(0, false) === MAGIC_NUMBERS.PNG;
+        return view.byteLength >= 4 && view.getUint32(0, false) === MAGIC_NUMBERS.PNG;
     }
 
     /**
@@ -1632,7 +1632,7 @@ class ImageType {
      * @returns {boolean}
      */
     static isJPEG(view) {
-        return (view.getUint32(0, false) >>> 8) === MAGIC_NUMBERS.JPEG;
+        return view.byteLength >= 4 && (view.getUint32(0, false) >>> 8) === MAGIC_NUMBERS.JPEG;
     }
 
     /**
@@ -1640,7 +1640,7 @@ class ImageType {
      * @returns {boolean}
      */
     static isTIFF(view) {
-        return view.getUint32(0, false) === MAGIC_NUMBERS.TIFF;
+        return view.byteLength >= 4 && view.getUint32(0, false) === MAGIC_NUMBERS.TIFF;
     }
 
     /**
@@ -1648,7 +1648,7 @@ class ImageType {
      * @returns {boolean}
      */
     static isGIF(view) {
-        return (view.getUint32(0, false) >>> 8) === MAGIC_NUMBERS.GIF;
+        return view.byteLength >= 4 && (view.getUint32(0, false) >>> 8) === MAGIC_NUMBERS.GIF;
     }
 }