Install ImageMagick

Multiple versions of ImageMagic installation files are available for various operating systems. Use the appropriate version for your operating system.

  1. Download the appropriate ImageMagick installation files for your operating system.

  2. To install ImageMagick on the disk hosting the Experience Manager server, launch the installation file.

  3. Set the path Environment variable to the ImageMagic installation directory.

  4. To check whether the installation was successful, execute the identify -version command.

Set up the command line process step

You can set up the command line process step for your particular use case. Perform these steps to generate a flipped image and thumbnails (140x100, 48x48, 319x319, and 1280x1280) each time you add a JPEG image file to /content/dam on the Experience Manager server:

  1. On the Experience Manager server, go to the Workflow console (https://[aem_server]:[port]/workflow) and open the DAM Update Asset workflow model.

  2. From the DAM Update Asset workflow model, open the EPS thumbnails (powered by ImageMagick) step.

  3. In the Arguments tab, add image/jpeg to the Mime Types list.

    mime_types_jpeg

  4. In the Commands box, enter the following command:

    convert ./${filename} -flip ./${basename}.flipped.jpg

  5. Select the Delete Generated Rendition and Generate Web Rendition flags.

    select_flags

  6. In the Web Enabled Image tab, specify the details for the rendition with dimensions 1280x1280 pixels. In addition, specify image/jpeg in the Mimetype box.

    web_enabled_image

  7. Click OK to save the changes.

    NOTE
    The convert command may not run with certain Windows versions (for example, Windows SE), because it conflicts with the native convert utility that is part of Windows installation. In this case, mention the complete path for the ImageMagick utility. For example, specify,
    "C:\Program Files\ImageMagick-6.8.9-Q16\convert.exe" -define jpeg:size=319x319 ./${filename} -thumbnail 319x319 cq5dam.thumbnail.319.319.png
  8. Open the Process Thumbnails step, and add the MIME type image/jpeg under Skip Mime Types.

    skip_mime_types

  9. In the Web Enabled Image tab, add the MIME type image/jpeg under the Skip List. Click OK to save the changes.

    web_enabled

  10. Save the workflow.

  11. To verify proper processing, upload a JPG image to Assets. After the processing is complete, check whether a flipped image and the renditions are generated or not.

Mitigating security vulnerabilities

There are multiple security vulnerabilities associated with using ImageMagick to process images. For example, processing user-submitted images involves the risk of remote code execution (RCE).

In addition, various image-processing plug-ins depend on the ImageMagick library, including but not limited to PHP’s imagick, Ruby’s rmagick and paperclip, and nodejs’s imagemagick.

If you use ImageMagick or an affected library, Adobe recommends that you mitigate the known vulnerabilities by performing at least one of the following tasks (but preferably both):

  1. Verify that all image files begin with the expected “magic bytes” corresponding to the image file types you support before sending them to ImageMagick for processing.
  2. Use a policy file to disable the vulnerable ImageMagick coders. The global policy for ImageMagick is found at /etc/ImageMagick.

Experience Manager