View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000705 | file | General | public | 2025-12-29 18:23 | 2025-12-29 18:23 |
| Reporter | bana | Assigned To | |||
| Priority | normal | Severity | minor | Reproducibility | have not tried |
| Status | new | Resolution | open | ||
| Summary | 0000705: Question: Parsing untrusted data | ||||
| Description | During some code reviews in other applications I came across multiple uses of file and libmagic where untrusted and sometimes even suspected malicious files were parsed to determine the file type. This seems kinda dangerous to me but I have not found any clear warnings or recommendations that would indicate if there are any recommended options to do this more safely or if this should be avoided altogether. Considering how many application depend on this code, I am wondering if some general advice could be added to the documentation / man page Thank you | ||||
| Tags | No tags attached. | ||||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2025-12-29 18:23 | bana | New Issue |
