Guard plugin image payload loading

[masshirodev]

Summary

This adds a small payload sniff before PluginImageCache hands downloaded plugin icons/images to the texture manager.

If a plugin repository icon URL returns a successful HTTP response that is not actually image data, the plugin installer now logs the bad payload and skips it instead of sending arbitrary bytes through WIC/TexFile decoding.

Motivation

While testing under XIVLauncher.Core/Wine, opening /xlplugins caused the plugin installer to fetch some icon URLs that ended in .png but redirected to JSON (application/json). Dalamud then attempted to decode those JSON bytes as an image/TexFile, logged texture decode failures, and the runtime later crashed.

Example failing path from logs:

• PluginImageCache.TryLoadImage
• TextureManager.CreateFromImageAsync
• TextureManager.Wic.NoThrottleCreateFromWicStream
• fallback NoThrottleCreateFromTexFile
• The file is not a TexFile

The immediate bad responses were from plugin icon URLs that looked image-like but returned JSON after redirect.

Changes

• Adds IsSupportedImagePayload(...) to PluginImageCache.
• Allows expected image magic headers: PNG, JPEG, GIF, BMP, TIFF, ICO.
• Preserves support for FFXIV TexFile payloads via TexFileExtensions.IsPossiblyTexFile2D.
• Rejects unsupported payloads before invoking WIC/TexFile decode.

Validation

dotnet build Dalamud/Dalamud.csproj -c Debug

[Critical-Impact]

Is the runtime crash something you see under WINE or Windows? Also can you provide the runtime crash you get?

[masshirodev]

This was observed under Wine/XIVLauncher.Core on Linux, not Windows.

Environment summary:

• Arch Linux x86_64, kernel 6.18.21-1-lts
• XIVLauncher.Core 1.4.0
• Wine via XIVLauncher.Core managed Wine stable, ESync; system Wine package is 11.6
• DXVK 2.6.1 stock, async/GPL/state cache disabled
• NVIDIA RTX 3050, driver 580.142
• Dalamud 15.0.2.0, git hash 8323fad
• Game version 2026.05.25.0000.0000
• .NET 10.0.0 / CoreCLR 10.0.25.52411

Runtime crash from dalamud_appcrash_20260606_201952_019_556.log:

CLR error occurred
System Time: 2026-06-07 00:19:56.5434476 +00:00
CPU Vendor: AuthenticAMD
CPU Brand: AMD Ryzen 5 5600X 6-Core Processor
GPU Desc: NVIDIA GeForce RTX 3050

Additional Information
{
Application: ffxiv_dx11.exe
CoreCLR Version: 10.0.25.52411
.NET Version: 10.0.0
Description: The process was terminated due to an internal error in the .NET Runtime at IP 0x00006FFFFDE0FA59 (0x00006FFFFDD60000) with exit code 0x80131506.
}

Thread: 0x230
Call Stack
{
  [0] kernelbase.dll+D197
  [1] Dalamud.Boot.dll+6731C (`InitializeImpl'::`2'::<lambda_5>::operator()+0x11C)
  [2] Dalamud.Boot.dll+6A190 (utils::thunk<int __cdecl(...)>::detour+0xE0)
}

The repro path I hit was opening /xlplugins. The Plugin Installer was trying to load a third-party icon URL ending in .png, but that request redirected to an API endpoint returning JSON. The log then shows WIC decode failing with 0x88982F50, TexFile fallback failing with The file is not a TexFile., and the exception surfacing through Dalamud.Interface.Internal.Windows.PluginImageCache.TryLoadImage(...).

I can provide the sanitized crash/log bundle if useful, but I redacted third-party plugin/repo names and URLs from the public comment.

dalamud-pr-2850-sanitized.zip