How to Scan .HDR Files for Malicious Content using C/C++
Many binary or structured formats can become attack vectors when malformed headers, oversized payloads, or crafted data sequences are applied to exploit vulnerabilities in rendering libraries or custom parsing routines.
That includes .hdr files — a niche and generally highly trusted format used for high dynamic range imaging in computer graphics, photography, and film production.
Staying Vigilant Against Insecure .HDR Uploads
If you’re building 3D rendering pipelines, simulation tools, or any other C/C++ app that handles .hdr uploads, integrating a threat detection solution is essential.
The likelihood of a threat actor hacking your system with a malicious .hdr may seem incredibly low, but the chance is non-zero, and the consequences of allowing malformed .hdr files to exploit rendering vulnerabilities could create a severe setback.
It’s also possible, of course, that .hdr files are inadvertently malformed with zero malicious intent, which can cause just as much of an internal issue.
Implementing a Dynamic Threat Scanning API
It’s easy to check for insecure .hdr files (and dozens of other file types, like PDF and all Office documents) by implementing a free API in your C/C++ application. Using the below code, you can scan file uploads for viruses, malware, and a wide range of risky content types including executable content, invalid content, scripts, malicious subfiles, and more.
To structure your API call, you’ll first need to install libcurl in your C/C++ project:
libcurl/7.75.0Next, you’ll need to initialize cURL, set a POST request with headers, attach a file to scan, and send your API request:
CURL *curl;
CURLcode res;
curl = curl_easy_init();
if(curl) {
curl_easy_setopt(curl, CURLOPT_CUSTOMREQUEST, "POST");
curl_easy_setopt(curl, CURLOPT_URL, "https://api.cloudmersive.com/virus/scan/file/advanced");
curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
curl_easy_setopt(curl, CURLOPT_DEFAULT_PROTOCOL, "https");
struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "allowExecutables: <boolean>");
headers = curl_slist_append(headers, "allowInvalidFiles: <boolean>");
headers = curl_slist_append(headers, "allowScripts: <boolean>");
headers = curl_slist_append(headers, "allowPasswordProtectedFiles: <boolean>");
headers = curl_slist_append(headers, "allowMacros: <boolean>");
headers = curl_slist_append(headers, "allowXmlExternalEntities: <boolean>");
headers = curl_slist_append(headers, "allowInsecureDeserialization: <boolean>");
headers = curl_slist_append(headers, "allowHtml: <boolean>");
headers = curl_slist_append(headers, "restrictFileTypes: <string>");
headers = curl_slist_append(headers, "Content-Type: multipart/form-data");
headers = curl_slist_append(headers, "Apikey: YOUR-API-KEY-HERE");
curl_easy_setopt(curl, CURLOPT_HTTPHEADER, headers);
curl_mime *mime;
curl_mimepart *part;
mime = curl_mime_init(curl);
part = curl_mime_addpart(mime);
curl_mime_name(part, "inputFile");
curl_mime_filedata(part, "/path/to/file");
curl_easy_setopt(curl, CURLOPT_MIMEPOST, mime);
res = curl_easy_perform(curl);
curl_mime_free(mime);
}
curl_easy_cleanup(curl);To authorize your API call, you’ll need to replace the YOUR-API-KEY-HERE text with your own free API key.
To configure custom threat rules in your request, you can set the <boolean> tags to true (allow content type) or false (disallow content type). This ensures you can ignore specific types of risky content that your application can’t afford to reject on a regular basis (e.g., password protected files are sometimes a requirement in file upload workflows).
