fix: validate TIFF dimensions before decoding and correct .tif MIME type

gpardhivvarma · gpardhivvarma · commit 1c061d636bbf · 2026-02-27T00:31:50.000+05:30
Move MAX_PIXEL_COUNT check before UTIF.decodeImage/toRGBA8 so oversized
TIFFs are rejected before allocating the RGBA buffer.

Map .tif extension to image/tiff in Content_Types.xml generation to
avoid emitting the invalid MIME type image/tif.
diff --git a/packages/super-editor/src/core/DocxZipper.js b/packages/super-editor/src/core/DocxZipper.js
@@ -96,6 +96,7 @@ class DocxZipper {
   async updateContentTypes(docx, media, fromJson, updatedDocs = {}) {
     const additionalPartNames = Object.keys(updatedDocs || {});
     const imageExts = new Set(['png', 'jpg', 'jpeg', 'gif', 'bmp', 'tiff', 'tif', 'emf', 'wmf', 'svg', 'webp']);
+    const mimeTypeForExt = { tif: 'tiff' };
     const newMediaTypes = Object.keys(media)
       .map((name) => this.getFileExtension(name))
       .filter((ext) => ext && imageExts.has(ext));
@@ -121,7 +122,8 @@ class DocxZipper {
       if (defaultMediaTypes.includes(type)) continue;
       if (seenTypes.has(type)) continue;
 
-      const newContentType = `<Default Extension="${type}" ContentType="image/${type}"/>`;
+      const mime = mimeTypeForExt[type] || type;
+      const newContentType = `<Default Extension="${type}" ContentType="image/${mime}"/>`;
       typesString += newContentType;
       seenTypes.add(type);
     }
diff --git a/packages/super-editor/src/core/super-converter/v3/handlers/wp/helpers/tiff-converter.js b/packages/super-editor/src/core/super-converter/v3/handlers/wp/helpers/tiff-converter.js
@@ -90,14 +90,15 @@ export function convertTiffToPng(data) {
     const ifds = UTIF.decode(buffer);
     if (!ifds || ifds.length === 0) return null;
 
+    // Validate dimensions from IFD metadata before decoding pixel data
+    const { width, height } = ifds[0];
+    if (!width || !height || width * height > MAX_PIXEL_COUNT) return null;
+
     // Decode pixel data for the first page
     UTIF.decodeImage(buffer, ifds[0]);
     const rgba = UTIF.toRGBA8(ifds[0]);
     if (!rgba || rgba.length === 0) return null;
 
-    const { width, height } = ifds[0];
-    if (!width || !height || width * height > MAX_PIXEL_COUNT) return null;
-
     // Render to canvas and export as PNG
     const canvas = createCanvas();
     if (!canvas) {
